11 matches found
RHCOS 4 : OpenShift Container Platform 4.1 openshift (RHSA-2019:3266)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3266 advisory. - kubernetes: kubectl cp allows for arbitrary file write via double symlinks CVE-2019-11251 Note that Nessus has not tested for this issue bu...
Oracle Linux 7 : kubernetes (ELSA-2019-4816)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4816 advisory. - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS - CVE-2019-16276 Support patching flannel/dashboard on upgrade -...
Photon OS 2.0: Kubernetes PHSA-2020-2.0-0229
An update of the kubernetes package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0229. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2019-11251
CVE-2019-11251 affects Kubernetes kubectl cp. The issue stems from a symlink-based path traversal using tar output in a malicious container, allowing a combination of two symlinks to place a file outside the specified destination directory. Affected kubectl versions range from 1.1 through 1.12, a...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes (CVE-2019-11251)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11251 DESCRIPTION: Kubernetes could allow a remote attacker to gain unauthorized access to the system, caused by an error in kubectl cp that allows a combination of two symlinks to copy a file...
Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision
Summary Multiple vulnerabilities CVE-2019-11251, CVE-2019-11253 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11251 DESCRIPTION: Kubernetes could allow a remote attacker to gain unauthorized access to the system, caused by an error in kubectl cp that allows a combination of two...
Security Bulletin: A Security Vulnerability affects IBM Cloud Private - kubectl (CVE-2019-11251)
Summary A Security Vulnerability affects IBM Cloud Private - kubectl Vulnerability Details CVEID: CVE-2019-11251 DESCRIPTION: Kubernetes could allow a remote attacker to gain unauthorized access to the system, caused by an error in kubectl cp that allows a combination of two symlinks to copy a fi...
RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:3905)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3905 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 atomic-openshift security update
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1 openshift-enterprise-cli-container security update
An update for openshift-enterprise-cli-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1 openshift security update
An update for openshift is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...