10 matches found
EUVD-2023-54312
Malicious code in bioql PyPI...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.11 - Red Hat OpenShift security update
Logging Subsystem 5.6.11 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.5.16 - Red Hat OpenShift security update
Logging Subsystem 5.5.16 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2023-4456
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached...
Authorization
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached...
CVE-2023-4456 Openshift-logging: lokistack authorisation is cached too broadly
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached...
CVE-2023-4456 Openshift-logging: lokistack authorisation is cached too broadly
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached...
CVE-2023-4456
Summary: CVE-2023-4456 affects OpenShift Logging LokiStack. The vulnerability arises because the cache key is the token, which is too broad, allowing a user with a token valid for one action to perform other actions as long as the original action’s authorization remains cached. Affected...
CVE-2023-4456
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached...
PT-2023-29271 · Red Hat · Openshift-Logging Lokistack
Name of the Vulnerable Software and Affected Versions: openshift-logging LokiStack (affected versions not specified). Description: A flaw was found in openshift-logging LokiStack, where the key used for caching is just the token, which is too broad. This issue allows a user with a token valid for on...