Denial Of Service (DoS)

Envoy is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the GrpcHealthCheckerImpl allowing an attacker to crash the system by controlling an upstream host and ...

SUSE SLES15 Security Update : salt (SUSE-SU-2022:2159-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2159-1 advisory. - An issue was discovered in SaltStack Salt in versi ...

SUSE SLES12 Security Update : containerd (SUSE-SU-2022:2165-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2165-1 advisory. - runc is a CLI tool for spawning and runnin ...

Log Injection

org.apache.sling:org.apache.sling.api and org.apache.sling:org.apache.sling.commons.log are vulnerable to log injection. A remote attacker with privileges to forge logs is able to inject fake logs and ...

TrelloC2 – Simple C2 Over The Trello API

Weave GitOps leaked cluster credentials into logs on connection errors

### Impact A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations, aka KubeConfig, of registered Kubernetes clusters, inclu ...

PYSEC-2022-210

An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still r ...
