17 matches found
EUVD-2022-35629
Malicious code in bioql PyPI...
CVE-2025-46821 Envoy vulnerable to bypass of RBAC uri_template permission
Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the character from a set of valid characters in the URI path. As a result URI path containing the character will not match a URI template...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.22 (RHSA-2025:4549)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4549 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.7 (RHSA-2025:3989)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3989 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.7 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.21 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2023-4061 Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor
A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...
CVE-2023-4061 Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor
A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...
Improper Authorization
@strapi/plugin-content-manager is vulnerable to Improper Authorization. The vulnerability is due to Field level permissions not being respected in the relationship title, as there are no RBAC permission checks to read the field in relations.js...
CVE-2022-32562
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission...
Code injection
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission...
CVE-2022-32562
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission...
Have You Checked the New Kubernetes RBAC Swiss Army Knife?
Kubernetes Role-Based Access Control RBAC is a method of regulating access to computer or network resources based on the roles of individual users within your organization. RBAC authorization uses the rbac.authorization.k8s.io API group to drive authorization decisions, allowing you to dynamicall...