13 matches found
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications monoliths and microservices for OpenShift as a containerized platform. This release of Red H...
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...
CVE-2021-4178
CVE-2021-4178 affects the Fabric8 Kubernetes client (versions 5.0.0-beta-1 and newer) due to unsafe YAML parsing in unmarshalYaml, enabling local, privileged code execution via a crafted YAML payload. The issue is confirmed across multiple sources (NVD/NVD-derived entry and Red Hat/Jenkins adviso...
io.apicurio:apicurio-registry-tenant-manager-api (>=2.0.0.Final <=2.0.2.Final), io.dekorate:core-junit (>=2.0.0 <=2.4.1) +105 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.1.0 <=5.1.1)
io.fabric8:kubernetes-client MAVEN version =5.1.0, =2.0.0.Final, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.4.1 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...
com.apothesource.fam.kubeint.itest:com.apothesource.fam.kubeint.itest.gradle.plugin (>=0.0.1 <=0.4.3), com.apothesource.fam:kubeint-gradle-plugin (>=0.0.1 <=0.4.3) +153 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.2.0 <=5.3.1)
io.fabric8:kubernetes-client MAVEN version =5.2.0, =0.0.1, =0.0.1, =0.3.0, =0.4.0, =5.2.0, =5.3.0, =5.3.0, =5.3.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.3.1 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...
com.baidu.hugegraph:computer-k8s (>=0.1.0 <=0.1.3), com.baidu.hugegraph:computer-test (>=0.1.0 <=0.1.3) +152 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.5.0 <=5.7.3)
io.fabric8:kubernetes-client MAVEN version =5.5.0, =0.1.0, =0.1.0, =0.0.13, =2.12.0, =1.96.0, =0.6.0, =0.6.0, =2.5.0, =2.5.0, =2.5.0, =2.6.0 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...
cz.xtf:builder (=0.25), cz.xtf:core (=0.25) +51 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.11.0 <=5.11.1)
io.fabric8:kubernetes-client MAVEN version =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.1 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...
com.dajudge.kindcontainer:kindcontainer (=0.0.15), io.automatiko.quarkus:automatiko-operator (=0.10.0) +93 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (=5.8.0)
io.fabric8:kubernetes-client MAVEN version =5.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.fabric8:kubernetes-client and may be impacted: - com.dajudge.kindcontainer:kindcontainer =0.0.15 - io.automatiko.quarkus:automatiko-operator =0.10.0 -...
Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)
Summary There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. Vulnerability Details CVEID: CVE-2021-4178 DESCRIPTION: Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe...
Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 2.2.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...