13 matches found
TencentOS Server 4: kubernetes (TSSA-2024:0807)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0807 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 279. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivate, IsLoopback, etc did not work as expected for...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for September and October 2024.
Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF037 and 24.0.0-IF003. Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of service, caused by the ReDoS Regular Expression Denial of Service while...
Photon OS 5.0: Kubernetes PHSA-2025-5.0-0487
An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0487. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet [CVE-2024-5321]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet, caused by incorrect permissions on Windows containers logs CVE-2024-5321. Kubernetes is included as part of the speech utilities used in our product. This vulnerabilitiy has been...
Moderate: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 7.2.2 product release [security update]
The components for Red Hat OpenShift for Windows Containers 7.2.2 are now available.This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update a...
Security Bulletin: IBM Automation Decision Services for August 2024 - Multiple CVEs addressed
Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2024-5321...
Moderate: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 8.1.3 product release & security update
The components for Red Hat OpenShift for Windows Containers 8.1.3 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update ...
Moderate: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 9.0.3 product release & security update
The components for Red Hat OpenShift for Windows Containers 9.0.3 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update ...
CVE-2024-5321 vulnerabilities
Vulnerabilities for packages: rancher-webhook, argo-cd, cri-tools, argocd-image-updater-fips, ip-masq-agent, node-feature-discovery, cluster-autoscaler-fips, cluster-autoscaler, spark-operator, kubernetes-dns-node-cache-fips, aws-ebs-csi-driver, argo-cd-fips, aws-ebs-csi-driver-fips,...
CVE-2024-5321 vulnerabilities
Vulnerabilities for packages: local-static-provisioner, ip-masq-agent, cri-tools, kubernetes-dns-node-cache, nodetaint, aws-efs-csi-driver, kubernetes-csi-driver-hostpath, argocd-image-updater, k8s-device-plugin, kubeflow-pipelines, spark-operator...
CVE-2024-5321 Incorrect permissions on Windows containers logs
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs...
CVE-2024-5321 Incorrect permissions on Windows containers logs
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs...