65 matches found
EUVD-2025-27932
Malicious code in bioql PyPI...
SUSE CVE-2025-38607
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...
CVE-2025-38607 bpf: handle jset (if a & b ...) as a jump in CFG computation
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...
SUSE-SU-2024:4011-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 - Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...
Malicious code in scc-quack (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9827 Malicious code in scc-quack (npm)
--- -= Per source details. Do not edit below this line.=-...
Security Context Constraints(SCC) capabilities setting for Generic Storage Backup and Restore with OCP 4.11 or higher
Purpose This article describes Security Context ConstraintsSCC capabilities that need to be added to use Generic Backup and Restore feature capabilities on OCP 4.11 and higher. Known Issues With OCP 4.11, default security context constraints SCC have changed. Due to this, when using Generic Stora...
SAP Cloud Connector 2.16.1 Missing Validation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Tolerating Self-Signed Certificates product: SAP® Cloud Connector vulnerable version: 2.15.0 - 2.16.1 Portable and Installer fixed version: 2.16.2 Portable and Installer...
SUSE CVE-2023-1260
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
kube-apiserver authentication bypass vulnerability
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
CVE-2023-1260
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
Authentication flaw
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
PT-2023-16844 · Kubernetes · Kube-Apiserver
Name of the Vulnerable Software and Affected Versions: kube-apiserver affected versions not specified Description: An authentication bypass issue was discovered in kube-apiserver, allowing a remote, authenticated attacker with update, patch permissions on the pods/ephemeralcontainers subresource ...
GO-2023-1549 Improper input validation in github.com/openshift/apiserver-library-go
Low-privileged users can set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint SCC is "runtime/default," allowing users to disable seccomp for pods they can create and modify...
SUSE: Security Advisory (SUSE-SU-2020:0278-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-14336
CVE-2020-14336 affects Red Hat OpenShift Container Platform via the Restricted Security Context Constraints (SCC), allowing pods to craft custom network packets and potentially cause a denial-of-service on a cluster when pods are deployed. The issue primarily impacts availability. Remediation is ...
SUSE: Security Advisory (SUSE-SU-2020:3147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3160-1)
This update for rmt-server fixes the following issues : Version 2.6.5 Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. Version 2.6.4 Add web server settings to /etc/rmt.conf: Now it's...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3147-1)
This update for rmt-server fixes the following issues : Version 2.6.5 Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. Version 2.6.4 Add web server settings to /etc/rmt.conf: Now it's...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3036-1)
This update for rmt-server fixes the following issues : Update to version 2.6.5: Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. Add web server settings to /etc/rmt.conf: Now it's possible...