6 matches found
Moderate: Red Hat Security Advisory: Release of containers for OSP 16.2.z director operator tech preview
Red Hat OpenStack Platform 16.2 Train director Operator containers are available for technology preview. Release osp-director-operator images Security Fixes: golang: kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote CVE-2019-11253 golang: golang-github-miekg-dns:...
Improper random number generation in github.com/coredns/coredns
Impact CoreDNS before 1.6.6 using go DNS package 1.1.25 improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. Patches The problem has been fixed in 1.6.6+. References - CVE-2019-19794 For more information Please consult our...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The CVE-2019-19794 issue affects the miekg/dns Go DNS package prior to 1.1.25 (used by CoreDNS before 1.6.6 and other products). The root cause is use of math/rand for TXID generation, making TXIDs predictable and enabling response forgery. Remediation: update to miekg/dns v1.1.25 or later (and C...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...