TencentOS Server 4: kubernetes (TSSA-2024:0866)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0866 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

GO-2024-2905 Openshift/telemeter: iss check during jwt authentication can be bypassed in github.com/openshift/telemeter

Openshift/telemeter: iss check during jwt authentication can be bypassed in github.com/openshift/telemeter...

CVE-2024-5037

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue "iss" check during JSON web token JWT authentication...

CVE-2024-5037

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue "iss" check during JSON web token JWT authentication...

CVE-2024-5037 Openshift/telemeter: iss check during jwt authentication can be bypassed

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue "iss" check during JSON web token JWT authentication...

CVE-2024-5037

CVE-2024-5037 – OpenShift Telemeter JWT iss check bypass : The vulnerability affects OpenShift’s Telemeter component, where a forged JWT can bypass the issuer (

CVE-2024-5037 Openshift/telemeter: iss check during jwt authentication can be bypassed

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue "iss" check during JSON web token JWT authentication...

CVE-2024-5037

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue "iss" check during JSON web token JWT authentication...

Red Hat OpenShift Telemeter Security Vulnerability

Red Hat OpenShift Telemeter is a set of components for OpenShift remote health monitoring from Red Hat USA. A security vulnerability exists in Red Hat OpenShift Telemeter that stems from the fact that authentication can be bypassed...

PT-2024-4052 · Red Hat · Openshift Telemeter

Name of the Vulnerable Software and Affected Versions: OpenShift Telemeter affected versions not specified Description: The issue is related to a flaw in OpenShift's Telemeter that allows an attacker to bypass authentication using a forged token. This can be done by exploiting the "iss" check...

Exposure Of Sensitive Information

github.com/openshift/cluster-monitoring-operator is vulnerable to Exposure of Sensitive Information. The vulnerability is due to an annotation in the telemeter-client pod in the openshift-monitoring namespace that contains the cluster's pull secret, which can be accessed by users with sufficient...