4 matches found
EUVD-2023-2145
Malicious code in bioql PyPI...
GHSA-93XX-CVMC-9W3V On a compromised node, the fluid-csi service account can be used to modify node specs
Impact If a malicious user gains control of a Kubernetes node running fluid csi pod controlled by the csi-nodeplugin-fluid node-daemonset, he/she can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks "list node"...
kubernetes security update
kubernetes 1.21.14-3 - Addresses CVE-2022-3294 & CVE-2022-3162 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.9-2 - Fix 1.21 kubernetes version to align with last upstream release 1.4.9-1 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.4.7-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printin...