Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2023:3342
HistoryJun 21, 2023 - 4:52 p.m.

(RHSA-2023:3342) Moderate: OpenShift Container Platform 4.13.4 CNF vRAN extras security update

2023-06-2116:52:33
access.redhat.com
16
red hat
kubernetes
security update
container images
aws iam integration

0.005 Low

EPSS

Percentile

76.2%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.13. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:3614

All OpenShift Container Platform users are advised to upgrade to these updated packages and images.

Security Fix(es):

  • vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 13
osv 15
redhatcve 3
cgr 2
cvelist 3
cve 3
nvd 3
alpinelinux 4
googleprojectzero 1
veracode 3
prion 3
github 1
wolfi 2
debiancve 3
nessus 62
hackerone 2
cbl_mariner 8
cnvd 2
oraclelinux 5
redos 2
amazon 2
openvas 30
mageia 1
gentoo 1
almalinux 4
ubuntucve 2
ibm 5
rocky 2
fedora 7
altlinux 3
debian 1
slackware 1
redhat
redhat
(RHSA-2023:4025) Low: Red Hat OpenShift support for Windows Containers 7.1.0 [security update]
2023-07-18 00:16:34
(RHSA-2023:3379) Important: Red Hat Advanced Cluster Security for Kubernetes 3.73 security update
2023-05-31 11:14:52
(RHSA-2023:3265) Moderate: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update
2023-05-23 09:15:39
osv
osv
BIT-vault-2020-16250
2024-03-06 11:11:36
CVE-2020-16250
2020-08-26 15:15:12
Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault
2021-08-02 17:11:41
redhatcve
redhatcve
CVE-2020-16250
2023-02-06 10:56:04
CVE-2023-27535
2023-03-21 13:13:39
CVE-2022-36227
2022-11-22 20:26:02
cgr
cgr
CVE-2020-16250 vulnerabilities
2024-05-19 03:07:16
CVE-2022-36227 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2020-16250
2020-08-26 14:17:44
CVE-2022-36227
2022-11-22 00:00:00
CVE-2023-27535
2023-03-30 00:00:00
cve
cve
CVE-2020-16250
2020-08-26 15:15:12
CVE-2023-27535
2023-03-30 20:15:07
CVE-2022-36227
2022-11-22 02:15:11
nvd
nvd
CVE-2020-16250
2020-08-26 15:15:12
CVE-2023-27535
2023-03-30 20:15:07
CVE-2022-36227
2022-11-22 02:15:11
alpinelinux
alpinelinux
CVE-2020-16250
2020-08-26 15:15:12
CVE-2023-27535
2023-03-30 20:15:07
CVE-2022-36227
2022-11-22 02:15:11
googleprojectzero
googleprojectzero
Enter the Vault: Authentication Issues in HashiCorp Vault
2020-10-06 00:00:00
veracode
veracode
Authentication Bypass
2020-08-27 05:39:09
Authentication Bypass
2023-03-21 00:27:47
NULL Pointer Dereference
2022-11-30 04:04:28
prion
prion
Authentication flaw
2020-08-26 15:15:00
Null pointer dereference
2022-11-22 02:15:00
Authentication flaw
2023-03-30 20:15:00
github
github
Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault
2021-08-02 17:11:41
wolfi
wolfi
CVE-2020-16250 vulnerabilities
2024-06-29 09:08:33
CVE-2022-36227 vulnerabilities
2024-06-29 09:08:33
debiancve
debiancve
CVE-2023-27535
2023-03-30 20:15:07
CVE-2022-36227
2022-11-22 02:15:11
CVE-2023-0361
2023-02-15 18:15:11
nessus
nessus
RHEL 8 : curl (RHSA-2023:3106)
2023-05-17 00:00:00
RHEL 9 : curl (RHSA-2023:2650)
2023-05-13 00:00:00
CentOS 8 : curl (CESA-2023:3106)
2024-02-08 00:00:00
hackerone
hackerone
curl: CVE-2023-27535: FTP too eager connection reuse
2023-03-05 21:25:18
Internet Bug Bounty: CVE-2023-27535: FTP too eager connection reuse
2023-03-20 07:38:58
cbl_mariner
cbl_mariner
CVE-2023-27535 affecting package curl for versions less than 8.0.1-1
2023-04-16 00:48:11
CVE-2023-27535 affecting package rust for versions less than 1.72.0-2
2023-10-11 01:41:59
CVE-2023-27535 affecting package tensorflow for versions less than 2.16.1-1
2024-04-17 22:02:46
cnvd
cnvd
libarchive Code Execution Vulnerability
2022-11-24 00:00:00
A binary vulnerability exists in libarchive (CNVD-2022-90746)
2022-11-29 00:00:00
oraclelinux
oraclelinux
libarchive security update
2023-05-24 00:00:00
libarchive security update
2023-05-15 00:00:00
curl security update
2023-05-17 00:00:00
redos
redos
ROS-20221216-01
2022-12-16 00:00:00
ROS-20240404-08
2024-04-04 00:00:00
amazon
amazon
Low: libarchive
2023-11-29 22:20:00
Low: libarchive
2023-09-27 22:49:00
openvas
openvas
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2023-1389)
2023-02-10 00:00:00
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2023-1673)
2023-04-27 00:00:00
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2023-2045)
2023-06-07 00:00:00
mageia
mageia
Updated libarchive packages fix security vulnerability
2022-12-14 01:09:19
gentoo
gentoo
libarchive: Multiple Vulnerabilities
2023-09-29 00:00:00
almalinux
almalinux
Low: libarchive security update
2023-05-09 00:00:00
Moderate: curl security and bug fix update
2023-05-16 00:00:00
Moderate: curl security update
2023-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2023-27535
2023-03-20 00:00:00
CVE-2022-36227
2022-11-22 00:00:00
ibm
ibm
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Authentication in the RHEL UBI (CVE-2023-27535)
2024-01-19 22:15:14
Security Bulletin: IBM Event Streams is affected by libcurl vulnerability
2023-10-11 11:43:11
Security Bulletin: A security vulnerability in Vault affects Bastion Service of IBM Cloud Pak for Multicloud Management
2021-03-11 05:50:03
rocky
rocky
curl security and bug fix update
2023-05-18 19:18:14
gnutls security and bug fix update
2023-04-06 15:52:32
fedora
fedora
[SECURITY] Fedora 37 Update: libarchive-3.6.1-3.fc37
2022-12-19 01:16:09
[SECURITY] Fedora 37 Update: guile-gnutls-3.7.11-1.fc37
2023-03-01 02:02:40
[SECURITY] Fedora 36 Update: gnutls-3.8.0-2.fc36
2023-03-18 05:03:17
altlinux
altlinux
Security fix for the ALT Linux 10 package libarchive version 3.6.1-alt2
2022-12-12 00:00:00
Security fix for the ALT Linux 10 package gnutls30 version 3.6.16-alt3
2023-02-22 00:00:00
Security fix for the ALT Linux 9 package gnutls30 version 3.6.16-alt3
2023-03-01 00:00:00
debian
debian
[SECURITY] [DLA 3294-1] libarchive security update
2023-01-30 18:42:27
slackware
slackware
[slackware-security] gnutls
2023-02-10 20:14:21

0.005 Low

EPSS

Percentile

76.2%

JSON
Related for RHSA-2023:3342
redhat13osv15redhatcve3cgr2cvelist3cve3nvd3alpinelinux4googleprojectzero1veracode3prion3github1wolfi2debiancve3nessus62hackerone2cbl_mariner8cnvd2oraclelinux5redos2amazon2openvas30mageia1gentoo1almalinux4ubuntucve2ibm5rocky2fedora7altlinux3debian1slackware1