K8s Vulnerabilities
The vulnerability puzzle: understanding base images and their relationship to CVEs
Have you ever heard of CVEs? Maybe not by their acronym, but Common Vulnerabilities and Exposures, monitored by ...
CUPS: Unraveling a Critical Vulnerability Chain in Unix Printing Systems
A series of critical vulnerabilities has been uncovered in the Common Unix Printing System (CUPS), specifically in the ...
CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – A Deep Dive
Introduction. Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands ...
Yet another reason why the xz backdoor is a sneaky b@$tard
(We are talking about the xz/liblzma backdoor identified with CVE-2024-3094) Background. If you just woke up from hibernation ...
Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users
On March 29, 2024, Red Hat disclosed CVE-2024-3094, scoring a critical CVSS rating of 10. Stemming from a ...
2023 Kubernetes vulnerability roundup
Transparency in vulnerability disclosure plays a crucial role in effective risk management, regardless of software development models. The The post 2023 Kubernetes vulnerability roundup appeared first on ARMO ...
Three new NGINX ingress controller vulnerabilities reported and how they affect Kubernetes
CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by an attacker to steal secret credentials from the cluster. Read all ...
Kubelet vulnerabilities on Windows nodes: CVE-2023-3676, CVE-2023-3955 and CVE-2023-3893
Kubernetes security: three new interrelated vulnerabilities affecting the Windows versions of Kubelet and the Kubernetes CSI proxy. Learn more.

