436 matches found
SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2026:2643-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2643-1 advisory. This update for aws-iam-authenticator fixes the following issues - CVE-2022-1996: CORS bypass bsc1200528. - CVE-2022-2385:...
SUSE-SU-2026:2643-1 Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues - CVE-2022-1996: CORS bypass bsc1200528. - CVE-2022-2385: aws-iam-authenticator AccessKeyID validation bypass bsc1201395. - CVE-2024-39689: remove root certificates from GLOBALTRUST from the root store. - CVE-2025-47910: net/http:...
CVE-2022-1996 vulnerabilities
Vulnerabilities for packages: kubeflow...
Linux Distros Unpatched Vulnerability : CVE-2022-1996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. CVE-2022-1996 Note that Nessus relies on the presence...
openSUSE Security Advisory (SUSE-SU-2024:4329-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : aws-iam-authenticator (SUSE-SU-2024:4329-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4329-1 advisory. - CVE-2022-1996: Fixed CORS bypass bsc1200528. Tenable has extracted the preceding description block directly from the SUSE...
SUSE-SU-2024:4329-1 Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues: - CVE-2022-1996: Fixed CORS bypass bsc1200528...
Fedora 37 : golang-cloud-google (2022-6e5bcf2979)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6e5bcf2979 advisory. Automatic update for golang-cloud-google-0.103.0-2.fc37. Changelog Wed Aug 3 2022 Robert-Andr Mauchin 0.103.0-2 - Fix tests on other arches Mon Aug ...
Fedora 37 : golang (2022-bf188fb91a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf188fb91a advisory. Automatic update for golang-1.18.4-1.fc37. Changelog Wed Jul 13 2022 Alejandro Sez - 1.18.4-1 - Update to 1.18.4 Sun Jun 19 2022 Robert-Andr Mauchin...
Photon OS 4.0: Calico PHSA-2023-4.0-0427
An update of the calico package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0427. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Storage Fusion is vulnerable to authorization bypass due to go-restful.
Summary emicklei/go-restful is used by IBM Storage Fusion's isf-prereq-operator to create pre-requisite resources and deploy dependent operators. CVE-2022-1996. Vulnerability Details CVEID:CVE-2022-1996 DESCRIPTION: go-restful could allow a remote attacker to bypass security restrictions, caused ...
RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...
RHEL 8 : openshift-gitops-kam (RHSA-2023:3229)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3229 advisory. Security Fixes: go-restful: Authorization Bypass Through User-Controlled Key CVE-2022-1996 For more details about the security issues, including the...
SUSE-SU-2024:0799-1 Security update for containerd
This update for containerd fixes the following issues: - CVE-2022-1996: Fixed CORS bypass bsc1200528...
openSUSE: Security Advisory for trivy (openSUSE-SU-2022:10081-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for catatonit, containerd, runc (SUSE-SU-2023:4727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : catatonit, containerd, runc (SUSE-SU-2023:4727-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4727-1 advisory. containerd: - Update to containerd v1.7.8. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7....
SUSE-SU-2023:4727-1 Security update for catatonit, containerd, runc
This update of runc and containerd fixes the following issues: containerd: - Update to containerd v1.7.8. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.8 CVE-2022-1996: Fixed CORS bypass in go-restful bsc1200528 catatonit: - Update to catatonit v0.2.0. Change...
Security Bulletin: IBM Storage Fusion and IBM Storage Fusion HCI may be vulnerable to an authorization bypass due to emicklei/go-restful [CVE-2022-1996]
Summary IBM Storage Fusion and IBM Storage Fusion HCI, previously known as Spectrum Fusion and Spectrum Fusion HCI, may be affected by a vulnerability in emicklei/go-restful. The Vulnerability includes an authorization bypass through a user-controlled key as described by the CVE in the...