what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2023-29400

Status Candidate

Overview

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

Related Files

Red Hat Security Advisory 2023-5442-01
Posted Oct 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5442-01 - Red Hat Advanced Cluster Management for Kubernetes 2.8.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41721, CVE-2023-24539, CVE-2023-24540, CVE-2023-26136, CVE-2023-29400, CVE-2023-29491, CVE-2023-30630
SHA-256 | 8ae212f8203286d8bd562c1b68bea127cf49e8e6953d776786190637a7155566
Red Hat Security Advisory 2023-5421-01
Posted Oct 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5421-01 - Multicluster Engine for Kubernetes 2.3.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41721, CVE-2023-24539, CVE-2023-24540, CVE-2023-26136, CVE-2023-29400, CVE-2023-29491, CVE-2023-30630, CVE-2023-34969, CVE-2023-3899
SHA-256 | 51b3f646b7889065f8eb3b36f5410d5de8ca85f551f03de5dac5ba6b67e59c2c
Red Hat Security Advisory 2023-4657-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4657-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.2. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-36227, CVE-2023-1667, CVE-2023-2283, CVE-2023-24532, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-26604, CVE-2023-27535, CVE-2023-29400
SHA-256 | d4bae85500f09cf097973f88a075fff6d34d937accbd3b8213b8c808023ce982
Red Hat Security Advisory 2023-4459-01
Posted Aug 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4459-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-24539, CVE-2023-29400
SHA-256 | 58c55fc1f8686d749cce82dbeb1f696f569b11acb8df93ed3cda8bdbe810d8c7
Red Hat Security Advisory 2023-4470-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4470-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41717, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | 2639cf755a3c3ed9e184abfb0ad9a85857b375f966f7a609555f0f70b38631e5
Red Hat Security Advisory 2023-4225-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-27561, CVE-2023-2828, CVE-2023-29400, CVE-2023-3089
SHA-256 | 1ee5cc88afc05f04f8cab5e69c08e0c0eb450ca34081c1800b05f30e7d89899b
Red Hat Security Advisory 2023-4293-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4293-01 - The Migration Toolkit for Containers (MTC) 1.7.11 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-41723, CVE-2023-1667, CVE-2023-2283, CVE-2023-24329, CVE-2023-24539, CVE-2023-26125, CVE-2023-26604, CVE-2023-29400, CVE-2023-29401
SHA-256 | a6c7962adce03ec3f046c6f9917c53d0076af524b7a7d3efc40bc00d003762f8
Red Hat Security Advisory 2023-4093-01
Posted Jul 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4093-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-1260, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-27561, CVE-2023-29400, CVE-2023-3089
SHA-256 | 42f5b37a1690f4f90b2865bfdb880b230d8b89ad887921d655eb0bd411cb7e4b
Red Hat Security Advisory 2023-4090-01
Posted Jul 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41717, CVE-2022-41723, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-27561, CVE-2023-29400, CVE-2023-3089, CVE-2023-32067
SHA-256 | 8f5d9de3dfbb5da2c5485d166d318d17bf75bee68e81bf76bb2233dc62e6de75
Red Hat Security Advisory 2023-4003-01
Posted Jul 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4003-01 - As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-28327, CVE-2022-2879, CVE-2022-2880, CVE-2022-41715, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-29400
SHA-256 | 3dd00e84e0da1c5c1edeaa0a26bd971bfab3a639be101a9c1603c4b46458cfce
Red Hat Security Advisory 2023-3918-01
Posted Jun 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3918-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-36227, CVE-2022-3627, CVE-2022-3970, CVE-2022-41723, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-2491, CVE-2023-27535, CVE-2023-29400
SHA-256 | 3c9cda8faf583f4e7bf0ad5ea35198b07d077a8396a9f233df6466a99c4e32a5
Red Hat Security Advisory 2023-3905-01
Posted Jun 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3905-01 - Network Observability 1.3.0 is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console. This update contains bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-28805, CVE-2022-36227, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-24539, CVE-2023-24540, CVE-2023-2650, CVE-2023-27535, CVE-2023-29400
SHA-256 | 9c1a4b3b6b1779c22972b35dae1d77dc4ebc7de0dffbdefb344d5318801994ff
Red Hat Security Advisory 2023-3540-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3540-01 - Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.13.3. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-29400
SHA-256 | 321930fd0f03c3570aa3eade7dc8f1028dcd1fc9c1aafdb4715a27b93e73385c
Ubuntu Security Notice USN-6140-1
Posted Jun 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41724, CVE-2022-41725, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | 4c0892c29923d587e920aa88852b4d12bbee8b977c127bd5b1543d381b37166e
Red Hat Security Advisory 2023-3445-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-28235, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | 8022eaac0c3e82604ca4e73943f3de81061c2de7fccf35ca03fb0994d928e220
Red Hat Security Advisory 2023-3435-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3435-01 - This release of RHACS 3.74.4 includes a fix for CVE-2023-24540 by building RHACS with updated Golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-36227, CVE-2023-24539, CVE-2023-24540, CVE-2023-2491, CVE-2023-27535, CVE-2023-29400
SHA-256 | 4fe2d77bc3da788cf0ca6899dcfd04ef999f40d4632db9fff2cc42c4509dccac
Red Hat Security Advisory 2023-3415-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | 9f844ced4bea3a65fb155e612256ae1b0c62dd6cc34ad0c3e7b08d97c82fc4c8
Red Hat Security Advisory 2023-3323-01
Posted May 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | facac1b3959c7a3cc684ecdb3a6ecbce948a55a2a2593e7f34403c524fb68b3e
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close