Anten Skrabec

**Name of the Vulnerable Software and Affected Versions** libxml2 (affected versions not specified) **Description** A flaw exists when the library processes a specially crafted XML Schema Definition (XSD) validated document containing an internal entity reference. An attacker can provide a malicious document to trigger a type confusion error, resulting in an application crash and a subsequent denial of service (DoS), which renders the affected system or application unavailable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** kube-controller-manager (affected versions not specified) **Description** A flaw was found in kube-controller-manager, causing a denial of service due to KCM pods going into restart churn when the initial application of a HPA config YAML lacks a `.spec.behavior.scaleUp` block. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenStack (affected versions not specified) **Description** A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in its scope, it deletes other existing access rules which are not associated with any application credentials. This issue may allow a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CVE-2023-6596 Description<!---->An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift https://t.co/1DCu3XGSvy incomplete fix was shipped for the Rapid Reset (CVE-20... https://t.co/DX7Qnsy9u7

**Name of the Vulnerable Software and Affected Versions** python-eventlet (affected versions not specified) **Description** The issue is related to incorrect cleanup or release of resources in the python-eventlet library of the OpenStack Platform. This could allow a remote attacker to cause a denial of service. A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat OpenShift Data Science (affected versions not specified) **Description** A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster and saves them in plain text in the generated output instead of an ID for a Kubernetes secret. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** distribution versions prior to 2.8.2-beta.1 **Description** A flaw was found in the `/v2/ catalog` endpoint, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n`, causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory. The issue is related to unrestricted resource allocation and can be exploited by a remote attacker to cause a denial of service. **Recommendations** Upgrade to at least 2.8.2-beta.1 if you are running `v2.8.x` release. If you use the code from the main branch, update at least to the commit after the specified commit. Restrict access to the affected `/v2/ catalog` API endpoint to minimize the risk of exploitation. Keep this API endpoint behind heightened privilege and avoid leaving it exposed to the internet.

**Name of the Vulnerable Software and Affected Versions** Open vSwitch (affected versions not specified) **Description** A flaw in Open vSwitch is related to insufficient handling of exceptional states due to incorrect checking of Geneve packet metadata. This issue may allow a remote attacker to cause a denial of service if hardware offloading via the netlink path is enabled. The flaw is triggered by crafted Geneve packets and may result in invalid memory accesses. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenShift Container Platform (affected versions not specified) **Description** A credentials leak was found in the OpenShift Container Platform, where the private key for the external cluster certificate was stored incorrectly in the oauth-serving-cert ConfigMaps. This made it accessible to any authenticated OpenShift user or service-account. A malicious user could exploit this flaw by reading the oauth-serving-cert ConfigMap in the openshift-config-managed namespace, compromising any web traffic secured using that certificate. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenShift (affected versions not specified) **Description** An Improper Certificate Validation attack was found in OpenShift. A re-encrypt Route with `destinationCACertificate` explicitly set to the default `serviceCA` skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** servicemesh-operator (affected versions not specified) **Description** A flaw was found in the servicemesh-operator, where the NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed. This allows access to all ports on these resources from any pod, posing a threat to data confidentiality and integrity, as well as system availability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.