As organizations continue to adopt containers and Kubernetes for their applications, the need to secure these containers becomes increasingly important. Many applications are built with third-party components sourced from public image registries. Attackers are aware of the growing use of these third-party image registries and often target them with malware, so these registries require special attention. Additionally, … The post Detecting Secrets in Container Images appeared first on VMware.
More info:
https://blogs.vmware.com/security/2023/08/detecting-secrets-in-container-images.html?utm_source=rss&utm_medium=rss&utm_campaign=detecting-secrets-in-container-images
Security Advisory Description libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code.
More info:
https://my.f5.com/manage/s/article/K30444545?utm_source=f5support&utm_medium=RSS
Security Advisory Description In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url- ...
More info:
https://my.f5.com/manage/s/article/K33548065?utm_source=f5support&utm_medium=RSS
Security Advisory Description curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. (CVE-2020-8286) Impact
More info:
https://my.f5.com/manage/s/article/K15402727?utm_source=f5support&utm_medium=RSS
Security Advisory Description In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. (CVE-2021-46143) Impact A remote attacker could send ...
More info:
https://my.f5.com/manage/s/article/K23231802?utm_source=f5support&utm_medium=RSS
Security Advisory Description In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and ...
More info:
https://my.f5.com/manage/s/article/K10812540?utm_source=f5support&utm_medium=RSS
Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. (CVE-2021-34798) Impact A NULL ...
More info:
https://my.f5.com/manage/s/article/K72382141?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2021-45960 In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g. ...
More info:
https://my.f5.com/manage/s/article/K91589041?utm_source=f5support&utm_medium=RSS