Month: February 2022

ウエスタンデジタルから、PCIe NVMe SSDのスタンダードモデル「WD Blue SN570 …

ジャズピアニスト・海野雅威が、3月2日発売のニュー・アルバム『Get My Mojo Back』から…

新しいデバイスChromebook新型コロナウイルスが猛威を振るい、テレワーク、サテライトオフィス、…

Nomad and Nomad Enterprise allows operators with job-submit capabilities to use the spread stanza in a way such that it can cause panic in Nomad servers. This vulnerability, CVE-2022-24684, was fixed in Nomad 1.0.18, 1.1.12, and 1.2.6.
References

http…

A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-2…

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-25…

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name …

Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
References

https://nvd.nist.gov/vuln/detail/CVE-2015-7528
https://github.com/kubernetes/kubernetes/pull/17886
https://github.com/openshift/origin/…