326 matches found
AZL-57180 CVE-2025-27144 affecting package containerized-data-importer for versions less than 1.55.0-23
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt (CVE-2022-32149)
The version of application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the...
Azure Linux 3.0 Security Update: golang / ig / moby-engine / skopeo (CVE-2022-2879)
The version of golang / ig / moby-engine / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2879 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A malicious...
Azure Linux 3.0 Security Update: cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes (CVE-2024-28180)
The version of cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28180 advisory. - Package jose aims to provide an...
Azure Linux 3.0 Security Update: containerized-data-importer / cri-o / ig / libcontainers-common / skopeo (CVE-2024-3727)
The version of containerized-data-importer / cri-o / ig / libcontainers-common / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3727 advisory. - A flaw was found in the...
Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Containerized Identity Manager
Summary Multiple security vulnerabilities have been addressed in the update to IBM Security Verify Governance - Containerized Identity Manager component. Vulnerability Details CVEID:CVE-2019-11358 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improp...
Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: Update to version 1.60.1 Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1 Add registry path for SLE15 SP7 Bump to the latest tag 1.60.1-150600.3.9.1 Use the images based on SLE15 SP6...
SUSE-SU-2025:20055-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: - Update to version 1.60.1 Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1 - Add registry path for SLE15 SP7 - Bump to the latest tag 1.60.1-150600.3.9.1 - Use the images based on...
CVE-2024-28180 affecting package containerized-data-importer for versions less than 1.57.0-9
CVE-2024-28180 affecting package containerized-data-importer for versions less than 1.57.0-9. A patched version of the package is available...
CVE-2023-39325 affecting package containerized-data-importer for versions less than 1.57.0-8
CVE-2023-39325 affecting package containerized-data-importer for versions less than 1.57.0-8. A patched version of the package is available...
SUSE SLES15: containerized-data-importer-api / etc (SUSE-SU-2025:0217-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0217-1 advisory. Update to version 1.61.0: Release notes - https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.61.0 -...
SUSE SLES15 Security Update : cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (SUSE-SU-2025:0216-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:0216-1 advisory. - Install nbdkit-server to avoid pulling unneeded dependencies - rebuild against current GO Tenable has extracted the preceding description...
Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.61.0: Release notes...
SUSE-SU-2025:0217-1 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.61.0: Release notes -...
PT-2025-5678 · Unknown +1 · Nbdkit-Server +9
Name of the Vulnerable Software and Affected Versions: cdi-apiserver-container affected versions not specified cdi-cloner-container affected versions not specified cdi-controller-container affected versions not specified cdi-importer-container affected versions not specified cdi-operator-containe...
CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.57.0-7
CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.57.0-7. A patched version of the package is available...
CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.55.0-22
CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.55.0-22. A patched version of the package is available...
AZL-54527 CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.55.0-22
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54440 CVE-2024-45338 affecting package containerized-data-importer for versions less than 1.57.0-8
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2024-24786 affecting package containerized-data-importer for versions less than 1.57.0-6
CVE-2024-24786 affecting package containerized-data-importer for versions less than 1.57.0-6. A patched version of the package is available...