10 matches found
RHCOS 4 : OpenShift Container Platform 4.7.48 (RHSA-2022:1248)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1248 advisory. - workflow-cps: OS command execution through crafted SCM contents CVE-2022-25173 - workflow-cps-global-lib: OS command execution...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.57 packages and security update
Red Hat OpenShift Container Platform release 4.6.57 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.685 security and bug fix update
Red Hat OpenShift Container Platform release 3.11.685 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score,...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.7.48 packages and security update
Red Hat OpenShift Container Platform release 4.7.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...
RHEL 8 : OpenShift Container Platform 4.7.48 (RHSA-2022:1248)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1248 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.6 security update
Red Hat OpenShift Container Platform release 4.10.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
RHEL 7 / 8 : OpenShift Container Platform 4.8.35 (RHSA-2022:0871)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0871 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.7 / 2.303.x < 2.303.30.0.6 / 2.319.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-02-15)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.277.x prior to 2.277.43.0.7, 2.303.x prior to 2.303.30.0.6, or 2.x prior to 2.319.3.4. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins Pipeline: Groovy...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)
org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...
CVE-2022-25173
CVE-2022-25173 affects Jenkins’ Pipeline components, notably the Pipeline: Groovy Plugin and related plugins, where multiple SCM checkouts reuse the same workspace/directory when reading a script file (Jenkinsfile). This can enable attackers with Item/Configure permission to trigger arbitrary OS ...