Day: 12 julio, 2022

Initial Publication Date: 2022/07/11 9:00 PST A security researcher recently reported an issue with the AWS IAM Authenticator for Kubernetes, used by Amazon Elastic Kubernetes Service (EKS). The researcher identified a query parameter validation issue within the authenticator plugin when configured to use the “AccessKeyID” template parameter within query strings. This issue could have permitted a knowledgeable attacker to escalate privileges within a Kubernetes cluster. Customers More info: https://aws.amazon.com/security/security-bulletins/AWS-2022-007/

Apache Tomcat vulnerability CVE-2022-34305 Security Advisory Security Advisory Description In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the ... More info: https://support.f5.com/csp/article/K00303143?utm_source=f5support&utm_medium=RSS