#kubernetes

CVE-2023-39726: "[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs

An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.

1 year ago

CVE

Open in Source

#xss #vulnerability #web #mac #windows #apple #linux #debian #red_hat #dos #git #kubernetes #rce #perl #pdf #buffer_overflow #auth #ssh #ssl

Darktrace Unveils Cloud-Native Security Solution Using AI

1 year ago

DARKReading

Open in Source

#web #amazon #git #kubernetes #intel #aws

Protecting your intellectual property and AI models using Confidential Containers

Protecting intellectual property and proprietary artificial intelligence (AI) models has become increasingly important in today's business landscape. Unauthorized access can have disastrous consequences with respect to competitiveness, compliance and other vital factors, making it essential to implement leading security measures. Confidential computing is one of these technologies, using hardware-based trusted execution environments (TEEs) to create enclaves with strengthened security postures. These enclaves help protect sensitive data and computations from unauthorized access, even by pr

1 year ago

Red Hat Blog

Open in Source

#ios #mac #google #microsoft #kubernetes #intel #aws #amd #auth

CVE-2023-5043: CVE-2023-5043: Ingress nginx annotation injection causes arbitrary command execution · Issue #10571 · kubernetes/ingress-nginx

Ingress nginx annotation injection causes arbitrary command execution.

1 year ago

CVE

Open in Source

#vulnerability #kubernetes #nginx

CVE-2022-4886: CVE-2022-4886: Ingress-nginx `path` sanitization can be bypassed · Issue #10570 · kubernetes/ingress-nginx

Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.

1 year ago

CVE

Open in Source

#vulnerability #web #git #kubernetes #nginx

CVE-2023-5044: CVE-2023-5044: Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation · Issue #10572 · kubernetes/ingress-nginx

Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.

1 year ago

CVE

Open in Source

#vulnerability #kubernetes #nginx

Red Hat Security Advisory 2023-6084-01

Red Hat Security Advisory 2023-6084-01 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #web #red_hat #ddos #dos #js #kubernetes

Red Hat Security Advisory 2023-5896-01

Red Hat Security Advisory 2023-5896-01 - Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #web #red_hat #ddos #dos #js #kubernetes #rpm

Red Hat Security Advisory 2023-5895-01

Red Hat Security Advisory 2023-5895-01 - Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs.

1 year ago

Packet Storm

Open in Source

#vulnerability #web #red_hat #js #kubernetes #rpm

Ask An OpenShift Admin episode 117: Security considerations while designing a CI/CD Pipeline

When designing your CI/CD pipelines, security should not be an afterthought for application development. A comprehensive security approach—from code development to implementation—needs to start at Day 0. According to the State of Software Supply Chain report, there has been a 742% average annual rise in software supply chain attacks over the past three years. A Cost of a Data Breach report found that 20% of data breaches are due to a compromised software supply chain. Possibly as a result, almost 1 in 3 respondents of the State of Kubernetes Security report experienced revenue

1 year ago

Red Hat Blog

Open in Source

#vulnerability #red_hat #kubernetes

Tag

#kubernetes