github.com/rancher/rancher is vulnerable to Incorrect Permission Assignment. The vulnerability is due to a flaw where users were granted access to resources regardless of the resource's API group ...
April 25, 2024
github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to the API proxy not dropping the impersonation header before sending the request to the Kubernetes API, a ...
April 25, 2024
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM pac ...
April 25, 2024
Security Advisory Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.27 and prior. Easily exploitable ...
April 25, 2024
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform thi ...
April 25, 2024
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordf ...
April 25, 2024
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
April 25, 2024
Impact: A flaw discovered in Rancher versions from 2.5.0 up to and including 2.5.9 allows an authenticated user to impersonate any user on a cluster through the Steve API proxy, without requiring knowl ...
April 25, 2024