Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's extproc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failur...

Important: kernel-livepatch-4.14.348-265.565

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected Packages: kernel-livepatch-4.14.348-265.565 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Advisory ROSA-SA-2023-2202

Software: python 3.6.8 OS: rosa-server79 packageevrstring: python-3.6.8-19.res7 CVE-ID: CVE-2023-24329 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...

ROS-2-580

2.580 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

Important: kernel-livepatch-5.10.59-52.142

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-5.10.59-52.142 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-5.10.59-52.142 or yum update --advisory ALAS2LIVEPATCH-2021-067 to update your system. New...

Low: perl-IPTables-Parse

Issue Overview: A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. Affected Packages:...

Linux Software Detection Application Removal (via Splunk): yum

Binary data 710035.prm...