31 matches found
CVE-2023-49569 affecting package cri-o for versions less than 1.22.3-12
CVE-2023-49569 affecting package cri-o for versions less than 1.22.3-12. A patched version of the package is available...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multible go-git vulnerabilities.
Summary Potential go-git vulnerabilities CVE-2023-49568, CVE-2023-49569 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-49568 DESCRIPTIO...
Critical: Red Hat Security Advisory: The Red Hat OpenShift Builds 1.1.0 General Availability
Red Hat OpenShift Builds 1.1.0 Critical: Security fixes and ships the operator with a RHEL9 base. The release of Red Hat OpenShift Builds 1.1.0 General Availability introduces the following change: - The Builds Operator has been migrated to a RHEL 9 base. - The CSI driver is now integrated and...
CBL Mariner 2.0 Security Update: packer (CVE-2023-49569)
The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49569 advisory. - A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows a...
CVE-2023-49569 affecting package packer for versions less than 1.9.5-1
CVE-2023-49569 affecting package packer for versions less than 1.9.5-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Storage Ceph is vulnerable to a Path Traversal in Grafana (CVE-2023-49568, CVE-2023-49569)
Summary Go Git is used by IBM Storage Ceph in Grafana for Metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2023-49568, CVE-2023-49569 Vulnerability Details CVEID:CVE-2023-49568 DESCRIPTION: go-git is vulnerable to a denial of service, caused by...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 5.3 security, bug fix, and enhancement update
An update is now available for Red Hat Ceph Storage 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
CVE-2023-49569 affecting package cri-o for versions less than 1.30.1-1
CVE-2023-49569 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this issue...
RHEL 8 : grafana (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - grafana: session control failure may lead to information disclosure CVE-2022-32275 - protobufjs: prototyp...
RHEL 8 / 9 : Red Hat Ceph Storage 6.1 (RHSA-2024:2631)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2631 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with...
CVE-2023-49569 affecting package packer for versions less than 1.9.5-3
CVE-2023-49569 affecting package packer for versions less than 1.9.5-3. A patched version of the package is available...
Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1
An update is now available for Red Hat OpenShift Builds 1.0. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Go-git with Instana Agent container image
Summary Vulnerabilities in Go-git were remediated in IBM Observability with Instana with Instana Agent container image build 265. CVE-2023-49569 & CVE-2023-49568 Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By...
Critical: Red Hat Security Advisory: Red Hat Multicluster GlobalHub 1.0.2 bug fixes and security updates
Red Hat Multicluster GlobalHub 1.0.2 General Availability release images, which fix bugs, provide security updates, and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which giv...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.12.50 bug fix and security update
Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.12.50 security and extras update
Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of...
Important: amazon-ssm-agent
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...
Amazon Linux AMI : amazon-ssm-agent (ALAS-2024-1920)
The version of amazon-ssm-agent installed on the remote host is prior to 3.2.2222.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1920 advisory. 2024-04-25: CVE-2023-49568 was added to this advisory. 2024-02-28: CVE-2023-39325 was added to this advisory...
Amazon Linux 2 : amazon-ssm-agent (ALAS-2024-2458)
The version of amazon-ssm-agent installed on the remote host is prior to 3.2.2222.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2458 advisory. 2024-04-24: CVE-2023-49568 was added to this advisory. 2024-02-29: CVE-2023-39326 was added to this advisory...
Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.5 security and bug fix container updates
Red Hat Advanced Cluster Management for Kubernetes 2.8.5 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a...