(RHSA-2023:0466) Important: Red Hat OpenShift GitOps security update
Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* ArgoCD: JWT audience claim is not verified (CVE-2023-22482)
For more ...
January 26, 2023
(RHSA-2023:0467) Important: Red Hat OpenShift GitOps security update
Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* ArgoCD: JWT audience claim is not verified (CVE-2023-22482)
* ArgoCD ...
January 26, 2023
(RHSA-2023:0468) Important: Red Hat OpenShift GitOps security update
Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* ArgoCD: JWT audience claim is not verified (CVE-2023-22482)
For more ...
January 26, 2023
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
### Impact
This issue affects Rancher versions from 2.5.0 up to and including 2.5.16, from 2.6.0 up to and including 2.6.9 and 2.7.0. It was discovered that the security advisory CVE-2021-36782 (GHSA- ...
January 26, 2023
Rancher cattle-token is predictable
### Impact
An issue was discovered in Rancher versions up to and including 2.6.9 and 2.7.0, where the `cattle-token` secret, used by the `cattle-cluster-agent`, is predictable. Even after the token is ...
January 26, 2023
RHEL 7 : rh-mariadb103-mariadb and rh-mariadb103-galera (RHSA-2020:5246)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5246 advisory.
- mysql: Server: Replication unspecified ...
January 24, 2023
RHEL 8 : openstack-octavia (RHSA-2020:0721)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0721 advisory.
- openstack-octavia: amphora-agent not requiring c ...
January 24, 2023
RHEL 6 / 7 : rh-java-common-xmlrpc (RHSA-2020:0310)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0310 advisory.
- xmlrpc: Deserialization of server-side excep ...
January 24, 2023
CVE-2023-21890
Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitab ...
January 18, 2023
Security Bulletin: There are multiple vulnerabilities that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2021-22939, CVE-2021-22931, CVE-2020-7598)
## Summary
IBM Engineering Requirements Quality Assistant On-Premises is affected by multiple vulnerabilities (CVE-2021-22939, CVE-2021-22931, CVE-2020-7598) which allowed a remote attacker to exploit thi ...
January 17, 2023