OPENSUSE-SU-2024:13813-1 libmbedcrypto7-2.28.8-1.1 on GA media

These are all security issues fixed in the libmbedcrypto7-2.28.8-1.1 package on the GA media of openSUSE Tumbleweed...

Design/Logic Flaw

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the...

CVE-2023-28110 JumpServer Koko vulnerable to Command Injection for Kubernetes Connection

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the...