by EGI CSIRT | Sep 7, 2021 | Advisories, News
Vulnerabilities in JupyterLab (CVE-2021-32797) and in Jupyter Notebook (CVE-2021-32798) have been reported that allow untrusted code execution. Sites providing those services should update to the latest version of JupyterLab and Jupyter Notebook. Details can be found...
by EGI CSIRT | Sep 7, 2021 | Advisories, News
Two vulnerabilities in HTCondor have been found. One of them may allow users to run code as another user or read the data accessible to that user’s running jobs, which is considered a HIGH risk for EGI infrastructure. Versions 8.8.15, 9.0.4, 9.1.2 contain fixes...
by EGI CSIRT | Jun 8, 2021 | Advisories, News
A serious vulnerability has been found in Apache Struts, on which VOMS-Admin depends. Exploitation of this vulnerability could lead to remote code execution. Apache Struts version 2.5.26 fixes this issue. Sites running VOMS-Admin should upgrade to voms-admin-server...
by EGI CSIRT | May 12, 2021 | Advisories, News
The Squid project has publicly announced new vulnerabilities, one of which is deemed HIGH risk, viz. CVE-2020-25097, because it may allow services to be exposed that are not directly accessible from the client host. The other ones only concern potential denial of...
by EGI CSIRT | Apr 9, 2021 | Advisories, News
We would like to point out two vulnerabilities found in the Linux kernel that are high risk for our infrastructure. CVE-2020-25211: A buffer overflow vulnerability has been announced by Red Hat which may allow a local user to crash the system, compromise data...
by EGI CSIRT | Mar 22, 2021 | Advisories, News
Two vulnerabilities have been found in HTCondor, affecting a limited number of versions. One may allow any authenticated user to impersonate any other user on the Condor system, and potentially reconfigure the HTCondor daemons. The other may allow any...