This advisory contains the following OpenShift Virtualization 4.8.7 images: RHEL-8-CNV-4.8 ============== vm-import-controller-container-v4.8.7-4 ovs-cni-marker-container-v4.8.7-6 virt-cdi-apiserver-c ...
Continue Reading
October 11, 2022
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess o ...
Continue Reading
October 10, 2022
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are be ...
Continue Reading
October 10, 2022
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an ar ...
Continue Reading
October 10, 2022
How to reproduce 1.Bring up the test network.(https://hyperledger-fabric.readthedocs.io/en/latest/test_network.html#bring-up-the-test-network) 2.Run the PoC. ```bash go run poc.go -server=192.168.0.20 ...
Continue Reading
October 10, 2022
## Summary: Reddit.secure.force.com is Reddit SalesForce instance. Attacker is able to send attachments of disallowed filetypes to this server. The attacker is able to send malicious documents such as ...
Continue Reading
October 10, 2022
Vulnerability Management is a foundational component of any cybersecurity program for the implementation of appropriate security controls and the management of cyber risk. Earlier this year Qualys int ...
Continue Reading
October 10, 2022
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1 ...
Continue Reading
October 09, 2022
Back to Main
