Download
| Alert*
oval:org.secpod.oval:def:44925
kubectl is installed oval:org.secpod.oval:def:1503980 kubectl is installed oval:org.secpod.oval:def:49671 kubectl is installed (dpkg) oval:org.secpod.oval:def:49672 The host is installed with Kubernetes versions prior to 1.10.11, 1.11.5, and 1.12.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle error responses to proxied upgrade requests in the kube-apiserver. Successful exploitation allows atta ... oval:org.secpod.oval:def:49673 The host is installed with Kubernetes versions prior to 1.10.11, 1.11.5, and 1.12.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle error responses to proxied upgrade requests in the kube-apiserver. Successful exploitation allows atta ... oval:org.secpod.oval:def:1505233 olcne [1.3.2-2] - Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 - ... oval:org.secpod.oval:def:1505241 olcne [1.3.2-2] - Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 - ... oval:org.secpod.oval:def:1502161 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1506227 kubernetes [1.21.14-3] - Addresses CVE-2022-3294 CVE-2022-3162 [1.21.14-2] - Fixed kubernetes-cni version. [1.21.14-1] - Addresses CVE-2022-3172 olcne [1.4.9-2] - Fix 1.21 kubernetes version to align with last upstream release [1.4.9-1] - Resolve kubernetes CVE-2022-3294 CVE-2022-3162 for version ... oval:org.secpod.oval:def:1506234 kubernetes [1.21.14-3] - Addresses CVE-2022-3294 CVE-2022-3162 [1.21.14-2] - Fixed kubernetes-cni version. [1.21.14-1] - Addresses CVE-2022-3172 olcne [1.4.9-2] - Fix 1.21 kubernetes version to align with last upstream release [1.4.9-1] - Resolve kubernetes CVE-2022-3294 CVE-2022-3162 for version ... oval:org.secpod.oval:def:1506235 kubernetes [1.22.16-1] - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes [1.23.14-1] - Added Oracle specific build files for Kubernetes kubernetes [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.8-4] - Fix 1.21 kubernetes ... oval:org.secpod.oval:def:1506230 kubernetes [1.22.16-1] - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes [1.23.14-1] - Added Oracle specific build files for Kubernetes kubernetes [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.8-4] - Fix 1.21 kubernetes ... oval:org.secpod.oval:def:1505832 olcne [1.5.4-3] - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over [1.5.4-2] - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 [1.5.4-1] - Upgrade Kubernetes to 1.23.7 [1.5.3-1] - Address qemu CVE-202 ... oval:org.secpod.oval:def:1505825 olcne [1.5.4-3] - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over [1.5.4-2] - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 [1.5.4-1] - Upgrade Kubernetes to 1.23.7 [1.5.3-1] - Address qemu CVE-202 ... oval:org.secpod.oval:def:1504925 helm [3.3.4-2] - Address CVE-2021-27918 coredns [1.7.0-1] - Added Oracle specific build files cri-o [1.18.4-2] - Fix for CVE-2021-27918 [1.18.4-1] - Added Oracle Specifile Files for cri-o cri-tools [1.18.0-2] - Address CVE-2021-27918 etcd [3.4.3-1.0.5] - Address CVE-2021-27918 flannel [0.12.0-2] - A ... oval:org.secpod.oval:def:1504897 coredns [1.7.0-1] - Added Oracle specific build files cri-o [1.18.4-2] - Fix for CVE-2021-27918 [1.18.4-1] - Added Oracle Specifile Files for cri-o cri-tools [1.18.0-2] - Address CVE-2021-27918 etcd [3.4.3-1.0.5] - Address CVE-2021-27918 flannel [0.12.0-2] - Address CVE-2021-27918 yq [3.4.0-2] - Add ... oval:org.secpod.oval:def:1506720 istio [1.15.7-1] - Added Oracle specific files for 1.15.7-1 kubernetes [1.24.8-2] - libct/cg: add misc controller to v1 drivers [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.12-6] - Updated the CVE ID"s in Istio-1.15.7 changelog entry [1.5.12-5] - Bug fix - Append a slash ... oval:org.secpod.oval:def:1506727 istio [1.15.7-1] - Added Oracle specific files for 1.15.7-1 kubernetes [1.24.8-2] - libct/cg: add misc controller to v1 drivers [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.12-6] - Updated the CVE ID"s in Istio-1.15.7 changelog entry [1.5.12-5] - Bug fix - Append a slash ... oval:org.secpod.oval:def:1506771 istio [1.16.4-1] - Added Oracle specific files for 1.16.4-1 kubernetes [1.25.7-2] - libct/cg: add misc controller to v1 drivers olcne [1.6.1-9] - Updated the CVE ID"s in Istio-1.16.4 changelog entry [1.6.1-8] - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x [1.6.1-7] - ... oval:org.secpod.oval:def:1506636 istio [1.16.4-1] - Added Oracle specific files for 1.16.4-1 kubernetes [1.25.7-2] - libct/cg: add misc controller to v1 drivers olcne [1.6.1-9] - Updated the CVE ID"s in Istio-1.16.4 changelog entry [1.6.1-8] - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x [1.6.1-7] - ... oval:org.secpod.oval:def:1504738 kubernetes [1.18.10-3] - Kata CVE-2020-28914 kata-proxy [1.11.5-1] - Added Oracle Specific Build Files for kata-proxy kata-shim [1.11.5-1] - Added Oracle Specific Build Files for kata-shim kata-ksm-throttler [1.11.5-1] - Added Oracle Specific Build Files for kata-ksm-throttler kata-runtime [1.11.5-1 ... oval:org.secpod.oval:def:1504757 kata-runtime [1.7.3-1.0.7] - Address CVE-2020-28914 kata [1.7.3-1.0.12] - UEKR6 guest kernel support [1.7.3-1.0.11] - Address CVE-2020-28914 kubernetes [1.17.9-1.0.6] - Kata CVE-2020-28914 olcne [1.1.10-1] - Address CVE-2020-28914: An improper file permissions vulnerability affects Kata Containers p ... oval:org.secpod.oval:def:1504770 olcne [1.1.5-2] - kubernetes pod subnet flag not honored in flannel configuration [1.1.5-1] - Address CVE-2020-16845 conmon [2.0.10-3] - Address CVE-2020-16845 coredns [1.6.5-1.0.3] - Address CVE-2020-16845 cri-o [1.17.0-1.0.5] - Address CVE-2020-16845 cri-tools [1.17.0-1.0.2] - Address CVE-2020-168 ... oval:org.secpod.oval:def:1504758 coredns [1.3.1-1.0.6] - Address CVE-2020-16845 [1.3.1-1.0.5] - Fix image location cri-o [1.14.7-1.0.8] - Address CVE-2020-16845 cri-tools [1.14.0-1.0.6] - Address CVE-2020-16845 etcd [3.3.10-1.0.5] - Address CVE-2020-16845 [3.3.10-1.0.4] - Fix image location flannel [0.10.0-2.1.12] - Address CVE-202 ... oval:org.secpod.oval:def:1506047 kubernetes [1.22.14-1] - Added Oracle specific build files for Kubernetes kubernetes [1.23.11-1] - Added Oracle specific build files for Kubernetes olcne [1.5.6-1] - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 - R ... oval:org.secpod.oval:def:1506046 kubernetes [1.22.14-1] - Added Oracle specific build files for Kubernetes kubernetes [1.23.11-1] - Added Oracle specific build files for Kubernetes olcne [1.5.6-1] - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 - R ... oval:org.secpod.oval:def:1506742 kubernetes [1.25.11-1] - Added Oracle specific build files for Kubernetes olcne [1.6.2-1] - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - Add all modules to registry-image-helper - update yq to 4.x [1.6.1-9] - Updated the CVE ID"s in Istio-1.16.4 changelog entry [1.6.1-8] - Update Is ... oval:org.secpod.oval:def:1506743 kubernetes [1.24.8-2] - libct/cg: add misc controller to v1 drivers [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.13-1] - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15 - Added script to support upgrade from OL7 to OL8 using leapp oval:org.secpod.oval:def:1506697 kubernetes [1.25.11-1] - Added Oracle specific build files for Kubernetes olcne [1.6.2-1] - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - Add all modules to registry-image-helper - update yq to 4.x [1.6.1-9] - Updated the CVE ID"s in Istio-1.16.4 changelog entry [1.6.1-8] - Update Is ... oval:org.secpod.oval:def:1506713 kubernetes [1.24.8-2] - libct/cg: add misc controller to v1 drivers [1.24.8-1] - Added Oracle specific build files for Kubernetes olcne [1.5.13-1] - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15 - Added script to support upgrade from OL7 to OL8 using leapp |