Ubuntu Security Notice 7061-1 - Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template.
366aa6bc269ca28c4b992ad13527bd77d7968a9ad5dcd84915ed51954acbe4c1Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05Gentoo Linux Security Advisory 202311-9 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Versions greater than or equal to 1.20.10 are affected.
7cd3fdaa4650cc67226eaaa58c1a34f9f619b6ed9f3c06868a9c23ebed7861b0Red Hat Security Advisory 2023-4986-01 - The Red Hat OpenShift Distributed Tracing 2.9 container images have been released. Users of Red Hat OpenShift Distributed Tracing 2.8 container images are advised to upgrade to these updated images, which contain backported patches to correct security issues, fix bugs, and include further enhancements. You can find images updated by this advisory in Red Hat Container Catalog. Issues addressed include a denial of service vulnerability.
12d08e8305fdcf37f527a0e72351ae2fa5375af40ae93a1ba83b224d7b2fbc2cRed Hat Security Advisory 2023-4657-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.2. Issues addressed include a denial of service vulnerability.
d4bae85500f09cf097973f88a075fff6d34d937accbd3b8213b8c808023ce982Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
e6adec08a41db66a6b16db061aa69314b8013291796ba90e7c9baac7c7edf27cRed Hat Security Advisory 2023-4335-01 - The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to developers working within your Kubernetes cluster. Issues addressed include a denial of service vulnerability.
81b639b773dc9bc98d3be0e65210b5f630f2ddc9a2cc9d106f9c169b18da4f25Red Hat Security Advisory 2023-4470-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a denial of service vulnerability.
2639cf755a3c3ed9e184abfb0ad9a85857b375f966f7a609555f0f70b38631e5Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.
ce4492864dcb382a006d5197438c039f97330f652c6c8aed7cc631262735dfe7Red Hat Security Advisory 2023-4225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.6.
1ee5cc88afc05f04f8cab5e69c08e0c0eb450ca34081c1800b05f30e7d89899bRed Hat Security Advisory 2023-4093-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.
42f5b37a1690f4f90b2865bfdb880b230d8b89ad887921d655eb0bd411cb7e4bRed Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.
8f5d9de3dfbb5da2c5485d166d318d17bf75bee68e81bf76bb2233dc62e6de75Red Hat Security Advisory 2023-4003-01 - As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site. Issues addressed include a denial of service vulnerability.
3dd00e84e0da1c5c1edeaa0a26bd971bfab3a639be101a9c1603c4b46458cfceRed Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.
724accdac3b7f95b4f3363d179ec538613ecd750bc64aa5314da609103e8ad20Red Hat Security Advisory 2023-3918-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
3c9cda8faf583f4e7bf0ad5ea35198b07d077a8396a9f233df6466a99c4e32a5Red Hat Security Advisory 2023-3943-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.
12a54616440b7d99d35b629e1ac2d1c4e4871805c65bd8ab7f7436bab130e12eRed Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.
ea9917b98cd5b9cbd392b57a3ac838f9c1a315a3707d8b46feb8cd1c85c208eeRed Hat Security Advisory 2023-3540-01 - Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.13.3. Issues addressed include a denial of service vulnerability.
321930fd0f03c3570aa3eade7dc8f1028dcd1fc9c1aafdb4715a27b93e73385cUbuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.
4c0892c29923d587e920aa88852b4d12bbee8b977c127bd5b1543d381b37166eRed Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.
8022eaac0c3e82604ca4e73943f3de81061c2de7fccf35ca03fb0994d928e220Red Hat Security Advisory 2023-3450-01 - OpenShift Serverless 1.29.0 has been released. The References section contains CVE links providing detailed severity ratings for each vulnerability. Issues addressed include a denial of service vulnerability.
da7236d0f2323c0684fbb3d6fc94e6e005e11ba6da118b55eaf878f9f6e2b5e0Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
facac1b3959c7a3cc684ecdb3a6ecbce948a55a2a2593e7f34403c524fb68b3eUbuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.
d693c7af1fb087931225b61859ba4862bde511f2a7551346eb8eb6777bf0309d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed