EUVD-2023-1150

Malicious code in bioql PyPI...

EUVD-2023-1220

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-28841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...

CVE-2023-28842

CVE-2023-28842 affects Moby/dockerd, specifically Swarm overlay with encrypted VXLAN: an endpoint on an encrypted overlay can be unauthenticated, allowing cleartext VXLAN traffic to be injected or leaked under certain conditions. The issue stems from how iptables rules and IPsec handling are appl...

CVE-2022-31080

KubeEdge’s Websocket Client (Viaduct) in versions prior to 1.11.1, 1.10.2, and 1.9.4 is vulnerable to a DoS through memory exhaustion. The issue arises when a large response is read fully into memory, allowing an attacker to trigger a request that returns a large body and exhausts memory, potenti...

CVE-2022-31074

CVE-2022-31074 affects KubeEdge Cloud AdmissionController. Several endpoints may be exploited to cause a DoS by sending an HTTP request with a very large body, exhausting the controller and causing denial of service. The issue is fixed in KubeEdge releases 1.11.1, 1.10.2, and 1.9.4; upgrading to ...

New 'FabricScape' Bug in Microsoft Azure Service Fabric Impacts Linux Workloads

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape CVE-2022-30137,...

Design/Logic Flaw

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

CVE-2022-31076

KubeEdge vulnerability CVE-2022-31076 affects CloudCore’s UDS Server. A crafted message can trigger a nil-pointer dereference when the unixsocket switch is enabled in cloudcore.yaml, crashing CloudCore. Impact is local to the host network and assumes the attacker is an authenticated Cloud user; e...

CISA and NSA Release Kubernetes Hardening Guidance

The National Security Agency NSA and CISA have released Kubernetes Hardening Guidance, a cybersecurity technical report detailing the complexities of securely managing Kubernetes—an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized...

Aruba Airwave Software Unauthorized Access Vulnerability

Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. An unauthorized access vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker could exploit this...

Kubernetes Log Information Disclosure Vulnerability

Kubernetes is an open source Docker container cluster management system released by the Linux Foundation in the United States. The system provides resource scheduling, deployment and operation, service discovery and scaling up and down for containerized applications. Kubernetes suffers from a log...

Building for Billions: Addressing Security Concerns for Platforms at Scale

Security operations once consisted of a multitude of manual operations based around alerts, thresholds and severity levels. As systems scale and platforms continue to grow, how do you keep up with the growing requirements to secure these transactions and the networks they are built upon?...

Kubernetes Security

Attack matrix for Kubernetes, using the MITRE ATT framework. A good first step towards understand the security of this suddenly popular and very complex container orchestration system...

Attack matrix for Kubernetes

Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their workloads to...

How We Streamlined Infrastructure and Tooling as a Service for Development

At VMware Carbon Black, we’ve historically acquired a broad technology stack in our journey to build the premier security solution that understands cybercriminal behavior. Inheriting such a variety of tooling and storage solutions presented a challenge for us operationally. So, in order to reduce...

Kubernetes user privilege elevation vulnerability, the exposure to security risks-vulnerability warning-the black bar safety net

Recently, Kubernetes open source container software found a key of a user privilege elevation vulnerability, CVE-2018-1002105, which software is today most of the cloud infrastructure of the fixed component. This vulnerability can allow an attacker unrestricted remote access, steal data, or cause...