EUVD-2021-1430

Malware in sbrugna...

EUVD-2013-7072

Malware in sbrugna...

CVE-2021-32574

HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1...

Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers

A vulnerability was identified in Consul such that using JWT authentication for service mesh incorrectly allows/denies access regardless of service identities. This vulnerability, CVE-2023-3518, affects Consul 1.16.0 and was fixed in 1.16.1...

CVE-2023-3518 JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

SUSE-SU-2021:2817-1 Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3

This patch updates the Python AWS SDK stack in SLE 15: General: aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all change...

CVE-2021-32574

HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1...