Alibaba Cloud Linux 3 : 0101: container-tools:rhel8 (ALINUX3-SA-2024:0101)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0101 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-25091: urllib3 before 1.24.2 does...

Linux Distros Unpatched Vulnerability : CVE-2021-34558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to several issues due to the go compiler ( CVE-2022-41724 CVE-2021-34558 )

Summary Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2022-41724 CVE-2021-34558. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending...

RHEL 8 : container-tools:rhel8 (RHSA-2024:2988)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2988 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: urllib3:...

RHEL 7 / 8 : OpenShift Virtualization 2.6.8 RPMs (RHSA-2021:4722)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4722 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains...

RHEL 8 : Red Hat OpenShift Data Foundation 4.9.0 (RHSA-2021:5085)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5085 advisory. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Re...

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:3076)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3076 advisory. - encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the midd...

Mageia: Security Advisory (MGASA-2023-0213)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated skopeo/buildah/podman packages fix security vulnerability

Information disclosure flaw was found in Buildah CVE-2021-3602 podman allows forwarding hosts ports to vm from within vm CVE-2021-4024 Allows use "../" separators in containernetworking/cni to reference binaries such as 'reboot' in network configuration CVE-2021-20206 github.com/containers/storag...

SUSE CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic...

Moderate: Red Hat Security Advisory: podman security and bug fix update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2022:7954 Moderate: podman security and bug fix update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has multiple vulnerabilities associated with the Go runtime (CVE-2021-29923, CVE-2021-31525, CVE-2021-33194, CVE-2021-33195, CVE-2021-33196, CVE-2021-33197, CVE-2021-33198)

Summary The Go runtime is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to interact with the operating system and provide utility functions. Vulnerability Details CVEID:CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the...

Security Bulletin: Multiple vulnerabilities have been found in Golang Go which is shipped with Cloud Pak System

Summary Multiple vulnerabilities have been found in Golang Go which is shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to properly...

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-34558)

Summary Security Vulnerabilities affect IBM Cloud Private - Golang Vulnerability Details CVEID: CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an X.509 certificate matches the expected type in the...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.10.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.8.5 RPMs security update

Red Hat OpenShift Virtualization release 4.8.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...

Moderate: Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 5.0.0 [security update]

The components for Windows Container Support for Red Hat OpenShift 5.0.0 are now available. This product release includes bug fixes and a moderate security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has...

RHEL 8 : Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) (RHSA-2022:0988)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0988 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 golang:...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) security update

An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...