738 matches found
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
No, Toothbrushes Were Not Used in a Massive DDoS Attack
The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, whi...
GHSA-99JV-8292-2HPM eventing-gitlab vulnerable to denial of service, caused by improper enforcement of the timeout on individual read operations
Impact The eventing-gitlab cluster-local server doesn't set ReadHeaderTimeout which could lead do a DDoS attack, where a large group of users send requests to the server causing the server to hang for long enough to deny it from being available to other users, also know as a Slowloris...
eventing-gitlab vulnerable to denial of service, caused by improper enforcement of the timeout on individual read operations
Impact The eventing-gitlab cluster-local server doesn't set ReadHeaderTimeout which could lead do a DDoS attack, where a large group of users send requests to the server causing the server to hang for long enough to deny it from being available to other users, also know as a Slowloris...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.14.1 security and bug fix update
Red Hat OpenShift Virtualization release 4.14.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines 1.10.6 release and security update
Red Hat OpenShift Pipelines 1.10.6 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in t...
Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.10.6 release and security update
Red Hat OpenShift Pipelines Client tkn for 1.10.6 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Denial Of Service (DoS)
github.com/knative-extensions/eventing-github/ is vulnerable to Denial Of Service DoS. The vulnerability is caused due to missing ReadHeaderTimeout setting in the server. This could lead to a DDoS attack, where a large number of users send requests causing it to hang...
eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations
Impact The eventing-github cluster-local server doesn't set ReadHeaderTimeout which could lead do a DDoS attack, where a large group of users send requests to the server causing the server to hang for long enough to deny it from being available to other users, also know as a Slowloris...
GHSA-V7HC-87JC-QRRR eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations
Impact The eventing-github cluster-local server doesn't set ReadHeaderTimeout which could lead do a DDoS attack, where a large group of users send requests to the server causing the server to hang for long enough to deny it from being available to other users, also know as a Slowloris...
Important: Red Hat Security Advisory: Service Registry (container images) release and security update [2.5.4 GA]
An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 (RHSA-2023:7638)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7638 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 (RHSA-2023:7637)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7637 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Imperva Successfully Mitigates Record-Breaking DDoS Attack in Retail Industry
In the dynamic world of cybersecurity, November 13, 2023, marked a significant milestone for Imperva as we successfully mitigated the largest application-layer DDoS attack we’ve ever recorded in the retail industry. The target was a prominent Indonesian eCommerce platform, known for its diverse...
Important: Red Hat Security Advisory: Updated IBM Business Automation Manager Open Editions 8.0.4 SP1 Images
An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform. IBM Business Automation Manager Open Editions is an open source business process management suite that combines process management and decision service managemen...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.11.54 packages and security update
Red Hat OpenShift Container Platform release 4.11.54 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...
RLSA-2023:7205 Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: permission model improperly...
nodejs:20 security update
An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...