#vulnerability

Red Hat Security Advisory 2024-7818-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-7812-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-7811-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-7599-03 - Red Hat OpenShift Container Platform release 4.16.16 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, integer overflow, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2024-7590-03 - Red Hat OpenShift Container Platform release 4.12.67 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, open redirection, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2024-7457-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.4. Issues addressed include denial of service and information leakage vulnerabilities.

Chatbot companion platform muah.ai was hacked and had its chatbot prompts stolen.

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.

**What actions do customers need to take to protect themselves from this vulnerability?** Customers with Ubuntu Linux or Azure Linux based Azure Kubernetes Service (AKS) Node Pools using NVIDIA GPU driver configurations are affected by this vulnerability. Please see below for details on how to update your resources to be protected against this vulnerability. 1. Customers with Azure Linux based AKS Node Pool resources must manually install AKS Node image version 2024.1009.1 to be protected against this vulnerability by running the following CLI command: tdnf install https://packages.microsoft.com/cbl-mariner/2.0/prod/base/x86_64/Packages/n/nvidia-container-toolkit-1.16.2-1.cm2.x86_64.rpm **Note:** The AKS node image, version 20241009.1, will be deployed in November and contain this package by default. Customers can monitor the status of this deployment by using AKS Release Tracker. 2. Customers with Ubuntu Linux based AKS Node Pool resources must manually upgr...

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based