18 matches found
EUVD-2022-33098
Malicious code in bioql PyPI...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
RHEL 7 : openstack-cinder (RHSA-2017:0156)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0156 advisory. OpenStack Block Storage cinder manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
Denial of service vulnerability when parsing multipart request body
Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...
Mattermost: DOS: out of memory from gif through upload api
Summary: When sending a specially crafted gif with max dimensions through the upload API, we get Mattermost server to consume more than 4Gbytes of RAM Steps To Reproduce: add details for how we can reproduce the issue 1. Run docker run --name mattermost-preview -d --publish 8065:8065...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
Security Bulletin: A security vulnerability in golang affects IBM Cloud Automation Manager
Summary A security vulnerability in golang affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2022-23772 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a buffer overflow in the Rat.SetString function in math/big. By sending a specially-crafted request, ...
CVE-2020-5423 Cloud Controller is vulnerable to denial of service via YAML parsing
CAPI Cloud Controller versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM...
Product release: Virtuozzo Infrastructure Platform 3.5
In this release, Virtuozzo Infrastructure Platform offers a wide range of new features that enhance the experience of users working with compute virtualization and software-defined networking functionalities. Additionally, the update delivers stability improvements and addresses bugs found in...
CVE-2018-20843
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks...
Product update: Virtuozzo 7.0 Update 9 Hotfix 2 (7.0.9-547)
The Hotfix 2 for Virtuozzo 7.0.9 provides stability and usability bug fixes. Vulnerability id: PSBM-91577 Migration of a container from a Virtuozzo 7 Update 8 host to a Virtuozzo 7 Update 9 host initiated from Virtuozzo Automator could lead to a crash of vzmigrate. Vulnerability id: PSBM-9186...
Product update: Virtuozzo 7.0 Update 7 (7.0.7-423)
The Update 7 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. Vulnerability id: PSBM-79872 Enabling nested virtualization for VM could fail due to a bug in libvirt. Vulnerability id: PSBM-81107 Setting IP address to a VM without guest tools returned error even...
Moderate: Red Hat Security Advisory: openstack-cinder security update
An update for openstack-cinder is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: openstack-cinder security update
Updated openstack-cinder packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
sssd security, bug fix, and enhancement update
1.5.1-34 - Resolves: rhbz701700 - sssd client libraries use select but should use - poll instead 1.5.1-33 - Related: rhbz693818 - Automatic TGT renewal overwrites cached password - Fix segfault in TGT renewal 1.5.1-32 - Related: rhbz693818 - Automatic TGT renewal overwrites cached password - Fix...