Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

GO-2025-3547 Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes

Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Kubernetes kube-apiserver [ CVE-2024-3177]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Kubernetes kube-apiserver, caused by a flaw when using containers, init containers, and ephemeral containers with the envFrom field populated CVE-2024-3177. Kubernetes...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-3172 DESCRIPTION: Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By...

Kubernetes SIGs kube-apiserver 安全漏洞

Kubernetes SIGs kube-apiserver is a Kubernetes SIGs open source application. Validate and configure data for api objects, which include containers, services, replication controllers, and more. A security vulnerability exists in Kubernetes SIGs kube-apiserver that allows node updates to bypass a...