65 matches found
CVE-2021-33197 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2021-33197 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to several issues due to the go compiler (CVE-2021-33197)
Summary: Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2021-33197. Vulnerability Details: CVEID: CVE-2021-33197 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By sendi...
RHEL 7 : heketi (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty CVE-2021-33197 Note that...
RHEL 8 : Red Hat OpenShift Data Foundation 4.9.0 (RHSA-2021:5085)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5085 advisory. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Re...
RHEL 9 : buildah (RHSA-2022:8008)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8008 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...
Moderate: Red Hat Security Advisory: buildah security and bug fix update
An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Moderate: Red Hat Security Advisory: podman security and bug fix update
An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2022:7954 Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...
RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2021:3487)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3487 advisory. A highly-available key value store for shared configuration Security Fixes: net/http: panic in ReadRequest and ReadResponse when reading a...
Amazon Linux 2 : golang, --advisory ALAS2-2022-1830 (ALAS-2022-1830)
The version of golang installed on the remote host is prior to 1.18.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1830 advisory. A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an...
CVE-2021-33197
A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-33197)
Summary Security Vulnerabilities affect IBM Cloud Private - Golang Vulnerability Details CVEID: CVE-2021-33197 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By sending a specially-crafted request, a...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 2.6.10 RPMs security and bug fix update
Red Hat OpenShift Virtualization release 2.6.10 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which giv...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.8.5 RPMs security update
Red Hat OpenShift Virtualization release 4.8.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...
Moderate: Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 5.0.0 [security update]
The components for Windows Container Support for Red Hat OpenShift 5.0.0 are now available. This product release includes bug fixes and a moderate security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update
Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which giv...
AlmaLinux 8 : grafana (ALSA-2021:4226)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4226 advisory. - In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.9.2 Images security and bug fix update
Red Hat OpenShift Virtualization release 4.9.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...
Security Bulletin: Vulnerabilities in Golang Go may affect IBM Spectrum Protect Server (CVE-2021-33195, CVE-2021-33197, CVE-2021-36221)
Summary The IBM Spectrum Protect Server may be affected by Golang Go vulnerabilities such as denial of service, execution of arbitrary code, and bypassing of security restrictions. Vulnerability Details CVEID: CVE-2021-33195 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrar...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-2710)
The remote host is missing an update for the Huawei EulerOS...