EUVD-2019-13507
Malware in sbrugna...
EUVD-2024-1124
Malicious code in bioql PyPI...
EUVD-2022-5197
Malicious code in bioql PyPI...
EUVD-2022-1147
Malicious code in bioql PyPI...
RHSA-2019:3255 Red Hat Security Advisory: heketi security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2017:3481 Red Hat Security Advisory: heketi security update
Bulletin has no description...
GO-2022-0866 Information Exposure in Heketi in github.com/heketi/heketi
Information Exposure in Heketi in github.com/heketi/heketi...
RHEL 9 : heketi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 - I...
RHEL 8 : heketi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty CVE-2021-33197 ...
RHEL 7 : heketi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty CVE-2021-33197 Note that...
RHEL 9 : heketi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: encoding/gob: stack exhaustion in Decoder.Decode CVE-2022-30635 Note that Nessus has not tested for this...
Heketi Arbitrary Code Execution
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation...
GHSA-6G56-V9QG-JP92 Heketi Arbitrary Code Execution
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation...
RHEL 7 : OCS 3.11.z async (RHSA-2020:4143)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4143 advisory. Red Hat OpenShift Container Storage (OCS) is a provider of agnostic persistent storage for OpenShift Container Platform either in-house or in a...
Heketi logs sensitive information
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords...
GHSA-RM7C-X6GJ-2MR8 Heketi logs sensitive information
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords...
Information Exposure in Heketi
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file...
GHSA-Q9VW-WR57-XJV3 Information Exposure in Heketi
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file...
RHEL 7 : OpenShift Container Storage 3.11.z (RHSA-2022:0308)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0308 advisory. The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services...
Moderate: Red Hat Security Advisory: OpenShift Container Storage 3.11.z security and bug fix update
Updated container images that fix various bugs are now available for Red Hat OpenShift Container Storage 3.11 Update 9 in the Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,...