CLSA-2023-1695320045 Fix CVE(s): CVE-2023-4736

SECURITY UPDATE: An executable file with some well-known name like zip, gzip, and so on can be started from a current directory during some plugin is opening apropriate file that has a one of the extensions .zip, .gzip, .rb, and etc. This issue is effective only if the PATH environment variable h...

PT-2023-18780 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: The lookup table upload feature in Splunk Enterprise allowed users to upload lookup tables with...

PT-2014-5359 · Red Hat · Openshift Origin +1

Name of the Vulnerable Software and Affected Versions: OpenShift Origin and Enterprise versions 1.2.8 through 2.1.1 Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with certain file extensions in a cartridge manifest fil...