#jira

Red Hat OpenShift Container Platform release 4.9.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29036: credentials: Stored XSS vulnerabilities in jenkins plugin * CVE-2022-29041: Jira: Stored XSS vulnerabilities in Jenkins Jira plugin * CVE-2022-29046: subversion: Stored XSS vulnerabil...

By Deeba Ahmed Microsoft has discovered a new Sysrv botnet variant deploying cryptocurrency miners on Windows and Linux systems. The Microsoft… This is a post from HackRead.com Read the original post: New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer

The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users' browser.

Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.

An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.

Red Hat Security Advisory 2022-1739-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the containers for the release.

Scamming, phishing and other data theft is all part of Nigeria Tesla's portfolio. The post Nigerian Tesla: 419 scammer gone malware distributor unmasked appeared first on Malwarebytes Labs.

Red Hat Security Advisory 2022-1712-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 8 serves as a security patch for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.