17 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.0 Release.
Red Hat OpenShift Dev Spaces 3.28.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.28 release is based on...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.1 Release.
Red Hat OpenShift Dev Spaces 3.27.1 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.27 release is based on...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.0 Release.
Red Hat OpenShift Dev Spaces 3.27.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.27 release is based on...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.1 Release.
Red Hat OpenShift Dev Spaces 3.26.1 has been released. 3.26.1 includes CVE fixes for CVE-2025-15467, CVE-2025-6176, CVE-2026-1761, CVE-2026-0719, CVE-2025-61732, and CVE-2025-61726. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams an...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.
Red Hat OpenShift Dev Spaces 3.26.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.26 release is based on...
Critical: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.25.0 Release.
Red Hat OpenShift Dev Spaces 3.25.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.25 release is based on...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release.
Red Hat OpenShift Dev Spaces 3.24.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.24 release is based on...
EUVD-2024-0570
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.
Red Hat OpenShift Dev Spaces 3.23.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release
Red Hat OpenShift Dev Spaces 3.16 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.15.0 release
Red Hat OpenShift Dev Spaces 3.15 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
GO-2024-2576 registry-support: decompress can delete files outside scope via relative paths in github.com/devfile/registry-support/registry-library
registry-support: decompress can delete files outside scope via relative paths in github.com/devfile/registry-support/registry-library. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...
Design/Logic Flaw
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the parent or plugin keywords. This could download a malicious archive and cause the cleanup process to overwrite o...
registry-support Security Vulnerabilities
registry-support is a Devfile open source library . It provides support for the devfile registry. registry-support security vulnerability , the vulnerability stems from an unauthenticated remote attacker to trick the user to open a specially modified tar archive , resulting in the cleanup process...
CVE-2024-1485 Registry-support: decompress can delete files outside scope via relative paths
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the parent or plugin keywords. This could download a malicious archive and cause the cleanup process to overwrite o...
CVE-2024-1485
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the parent or plugin keywords. This could download a malicious archive and cause the cleanup process to overwrite o...
Moderate: Red Hat Security Advisory: Red Hat CodeReady Workspaces 2.1.0 release
Red Hat CodeReady Workspaces 2.1.0 has been released. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in th...