SUSE-SU-2025:01658-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: - CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: - Fixed GCC 15 compile time error bsc1241938 - Fixed building with containerd 1.7.25+ bsc1237147 - Ensure vmtoolsd.service and...

CBL Mariner 2.0 Security Update: telegraf (CVE-2023-2816)

The version of telegraf installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2816 advisory. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions...

Hashicorp Consul allows user with service:write permissions to patch remote proxy instances

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...

AZL-27396 CVE-2023-2816 affecting package telegraf for versions less than 1.28.5-1

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...

UBUNTU-CVE-2023-2816

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...

CVE-2023-2816

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...

PT-2023-21601 · Hashicorp · Hashicorp Consul +1

Name of the Vulnerable Software and Affected Versions: Consul and Consul Enterprise affected versions not specified Description: The issue allows any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the...

HashiCorp Consul 安全漏洞

HashiCorp Consul is a suite of distributed, highly available data center-aware solutions from HashiCorp USA. The product is used to connect and provision applications across a dynamically distributed infrastructure. A security vulnerability exists in HashiCorp Consul, Consul Enterprise versions...