
45 matches found

Veracode
added 2026/05/16 5:27 a.m., 7 views

Command Injection

Arcane is vulnerable to Command Injection. The vulnerability is due to lifecycle label values such as com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update being passed directly to /bin/sh -c without sanitization, allowing authenticated users to inject...

CVSS: 9, AI score: 5.9, EPSS: 0.00042
Exploits: 6, References: 4, Affected Software: 1
RedHat Linux
added 2026/04/29 3:35 p.m., 3 views

Important: Red Hat Security Advisory: VolSync v0.15 security fixes and container updates

VolSync v0.15 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 9.1, AI score: 7.5, EPSS: 0.0002
Exploits: 1, References: 3
RedHat Linux
added 2026/04/28 7:3 p.m., 2 views

Important: Red Hat Security Advisory: VolSync v0.14 security fixes and container updates

VolSync v0.14 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 9.1, AI score: 7, EPSS: 0.00045
Exploits: 4, References: 6
RedHat Linux
added 2026/02/09 7:25 p.m., 3 views

Important: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.18.1-2 Update

Custom Metrics Autoscaler Operator for Red Hat OpenShift updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...

CVSS: 8.2, AI score: 7.1, EPSS: 0.0019
Exploits: 0, References: 3
RedHat Linux
added 2026/02/09 3:55 p.m., 2 views

Moderate: Red Hat Security Advisory: VolSync v0.13 security fixes and container updates

VolSync v0.13 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00073
Exploits: 1, References: 4
RedhatCVE
added 2026/01/16 7:25 p.m., 4 views

CVE-2026-23520

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...

CVSS: 9, AI score: 7.4, EPSS: 0.00042
Exploits: 6, References: 1
Snyk
added 2026/01/15 7:50 p.m., 2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the updater service which supported lifecycle labels. An attacker can execute arbitrary commands by supplying a crafted value to the lifecycle label, which is then passed unsanitized to the shell for execution when...

CVSS: 9.3, AI score: 6.2, EPSS: 0.00042
Exploits: 6, References: 2
EUVD
added 2026/01/15 7:20 p.m., 4 views

EUVD-2026-2738

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...

CVSS: 9, AI score: 6.9, EPSS: 0.00042
Exploits: 6, References: 5
Cvelist
added 2026/01/15 7:20 p.m., 20 views

CVE-2026-23520 Arcane has a Command Injection in Arcane Updater Lifecycle Labels Enables RCE

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...

CVSS: 9, EPSS: 0.00042
Exploits: 6, References: 4
CVE
added 2026/01/15 7:20 p.m., 265 views

CVE-2026-23520

Arcane CVE-2026-23520 affects the updater service prior to version 1.13.0. The updater supports lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update, whose values are passed directly to /bin/sh -c without sanitization. Any authenticated u...

CVSS: 9, AI score: 7, EPSS: 0.00042
Exploits: 6, References: 4, Affected Software: 1
RedHat Linux
added 2025/11/20 9:12 p.m., 1 view

Moderate: Red Hat Security Advisory: Submariner v0.21 security fixes and container updates

Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 7.5, AI score: 7, EPSS: 0.00151
Exploits: 0, References: 3
IBM Security Bulletins
added 2025/10/31 11:22 a.m., 9 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.17 LTS and 12.17.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

CVSS: 8.6, AI score: 6.4, EPSS: 0.00516
Exploits: 0, Affected Software: 1
RedHat Linux
added 2025/09/24 3:33 p.m., 3 views

Important: Red Hat Security Advisory: VolSync v0.13 security fixes and container updates

VolSync v0.13 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00083
Exploits: 0, References: 2
RedHat Linux
added 2025/09/15 9:56 p.m., 3 views

Important: Red Hat Security Advisory: VolSync v0.12 security fixes and container updates

VolSync v0.12 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00083
Exploits: 0, References: 2
SUSE Linux
added 2025/07/30 5:15 p.m., 7 views

Recommended update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestf

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Revert...

AI score: 7.3
Exploits: 0, References: 2
RedHat Linux
added 2025/06/04 12:41 a.m., 11 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.9 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.9.9 General Availability release, with updates to container images and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00083
Exploits: 0, References: 3
RedHat Linux
added 2025/05/06 6:29 a.m., 13 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.8 container updates

Red Hat Advanced Cluster Management for Kubernetes 2.10.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00591
Exploits: 0, References: 6
IBM Security Bulletins
added 2025/05/03 6:13 a.m., 23 views

Security Bulletin: Security vulnerabilities addressed with IBM Business Automation Workflow container updates in April 2025

Summary Multiple security vulnerabilities are addressed with IBM Business Automation Workflow containers updates in April 2025. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00303
Exploits: 2, Affected Software: 1
OpenVAS
added 2025/02/18 12:0 a.m., 5 views

openSUSE Security Advisory (SUSE-SU-2025:0217-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.5
Exploits: 0, References: 7
RedHat Linux
added 2025/01/28 11:59 p.m., 16 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.11.5 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.11.5 General Availability release images, which provide enhancements, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS...

CVSS: 9.1, AI score: 6.7, EPSS: 0.32338
Exploits: 2, References: 5