37 matches found
Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.289 Vulnerability Details CVEID:CVE-2023-45283 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by the failure to recognize paths with a ??\ prefix...
Security Bulletin: Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to information disclosure and denial of service due to Go vulnerabilities CVE-2023-45287, CVE-2023-39326, and CVE-2024-24786
Summary Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to information disclosure and denial of service due to Go vulnerabilities CVE-2023-45287, CVE-2023-39326, and CVE-2024-24786. These have been remediated. Vulnerability Details CVEID:CVE-2023-45287 DESCRIPTION: Golang Go...
RHEL 9 : containernetworking-plugins (RHSA-2024:4429)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4429 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfaces in Lin...
Security Bulletin: IBM Storage Protect Server may be susceptible to loss of confidentiality vulnerability due to Golang Go (CVE-2023-45287)
Summary Golang Go is used by the IBM Storage Protect Server OSSM component. Golang Go is vulnerable to loss of confidentiality caused by timing-side channel attack in RSA based key exchange methods used in crypto/tls. Vulnerability Details CVEID:CVE-2023-45287 DESCRIPTION: Golang Go could allow a...
CVE-2023-45287 affecting package golang for versions less than 1.20.0-1
CVE-2023-45287 affecting package golang for versions less than 1.20.0-1. A patched version of the package is available...
RHEL 8 : container-tools:rhel8 (RHSA-2024:2988)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2988 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: urllib3:...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update
An update for collectd-sensubility is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update
An update for collectd-sensubility is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : Red Hat OpenStack Platform 17.1 (collectd-sensubility) (RHSA-2024:2730)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2730 advisory. This project aims to provide the possibility to switch from Sensu-based availability monitoring solution to a monitoring solution based on...
Oracle Linux 9 : podman (ELSA-2024-2193)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2193 advisory. - Rebuild for following CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...
Oracle Linux 9 : containernetworking-plugins (ELSA-2024-2272)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2272 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540...
Oracle Linux 9 : skopeo (ELSA-2024-2239)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2239 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539...
Moderate: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 9 : podman (RHSA-2024:2193)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2193 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...
Moderate: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: path/filepath: stack...
RHEL 9 : containernetworking-plugins (RHSA-2024:2272)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2272 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfac...
Moderate: Red Hat Security Advisory: Service Telemetry Framework 1.5.4 security update
An update is now available for Service Telemetry Framework 1.5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: Run Once Duration Override Operator for Red Hat OpenShift 1.1.0 for RHEL 9
An update for run-once-duration-override-container, run-once-duration-override-operator-bundle-container, and run-once-duration-override-operator-container is now available for RODOO-1.1-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.z security update
Red Hat build of MicroShift release 4.15.0 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat build of MicroShift 4.15.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.0 packages and security update
Red Hat OpenShift Container Platform release 4.15.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...