#vulnerability

Red Hat Security Advisory 2024-8546-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General Availability release images, which fix bugs and update container images.

Red Hat Security Advisory 2024-8543-03 - An update for the pki-core:10.6 and pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-8534-03 - An update is now available for Red Hat Ansible Automation Platform 2.5. Issues addressed include cross site scripting and memory exhaustion vulnerabilities.

Red Hat Security Advisory 2024-8533-03 - Multicluster Engine for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images.

Red Hat Security Advisory 2024-8528-03 - An update for pki-servlet-engine is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

Chrome issued a security update that patches two critical vulnerabilities. One of which was reported by Apple

### Impact Users of this library that set a duration for a SAS Uri with a value other than 1 hour may have generated a URL with a duration that is longer, or shorter than desired. Users not implemented SAS Uri's are unaffected. ### Patches This issue was resolved in version 8.0.0 of the library, all users should update to this version ASAP. ### Workarounds None

### Impacted Products Snowflake JDBC driver versions >= 3.2.6 & <= 3.19.1 are affected. ### Introduction Snowflake recently identified an issue affecting JDBC drivers that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption. The issue, which affects only a subset of accounts hosted on Azure and GCP deployments (AWS deployments are not affected), manifests in instances where customers create a stage using a JDBC driver with the CLIENT_ENCRYPTION_KEY_SIZE account parameter set to 256-bit rather than the default 128-bit. The data is still protected by TLS in transit and server side encryption at rest. This missed layer of the additional protection is not visible to the affected customers. ### Incorrect Security Setting Vulnerability #### Description Snowflake identified an incorrect security setting in Snowflake JDBC drivers. Snowflake has evaluated the severity of the issue and determined it was in mediu...

Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability and reliability.

Using a malicious Chrome extension, researchers showed how an attacker could use a now-fixed bug to inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites.