Lucene search
K

8 matches found

Fedora
Fedora
added 2025/02/13 2:2 a.m.10 views

[SECURITY] Fedora 40 Update: rust-coreos-installer-0.23.0-2.fc40

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

7.3AI score
Exploits0
Fedora
Fedora
added 2024/06/02 3:39 a.m.16 views

[SECURITY] Fedora 39 Update: rust-coreos-installer-0.21.0-3.fc39

coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines or, occasionally, to virtual machines...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.7 views

Fedora: Security Advisory for rust-coreos-installer (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.32 views

RHCOS 4 / 9 : OpenShift Container Platform 4.13.0 (RHSA-2023:1325)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1325 advisory. - buildah: possible information disclosure and modification CVE-2022-2990 - OpenShift: Missing HTTP Strict Transport Security...

9.1CVSS7AI score0.05623EPSS
Exploits1References27
OSV
OSV
added 2021/11/08 6:1 p.m.26 views

GHSA-862G-9H5M-M3QV coreos-installer < 0.10.0 writes world-readable Ignition config to installed system

Impact On systems installed with coreos-installer before 0.10.0, the user-provided Ignition config was written to /boot/ignition/config.ign with world-readable permissions, granting unprivileged users access to any secrets included in the config. Default configurations of Fedora CoreOS and RHEL...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2021/11/08 6:1 p.m.38 views

coreos-installer < 0.10.0 writes world-readable Ignition config to installed system

Impact On systems installed with coreos-installer before 0.10.0, the user-provided Ignition config was written to /boot/ignition/config.ign with world-readable permissions, granting unprivileged users access to any secrets included in the config. Default configurations of Fedora CoreOS and RHEL...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/10/12 4:6 p.m.15 views

GHSA-3R3G-G73X-G593 coreos-installer improperly verifies GPG signature when decompressing gzipped artifact

Impact coreos-installer fails to correctly verify GPG signatures when decompressing gzip-compressed artifacts. This allows bypass of signature verification in cases where coreos-installer decompresses a downloaded OS image, allowing an attacker who can modify the OS image to compromise a...

7.8CVSS7.3AI score0.00515EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2021/10/12 4:6 p.m.22 views

coreos-installer improperly verifies GPG signature when decompressing gzipped artifact

Impact coreos-installer fails to correctly verify GPG signatures when decompressing gzip-compressed artifacts. This allows bypass of signature verification in cases where coreos-installer decompresses a downloaded OS image, allowing an attacker who can modify the OS image to compromise a...

7.8CVSS0.6AI score0.00515EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder