Recent Advisories.
A guide to the risk categories is available at Notes On Risk.
| Date | Title | Contents/Link | CVE(s) (if applicable) |
|---|---|---|---|
| 2023-07-04 Updated 2024-12-03 | MODERATE risk Indigo IAM XSS vulnerability [EGI-SVG-2023-20] | Advisory-EGI-SVG-2023-20 | N/A |
| 2024-10-02 Updated 24-11-07 | CRITICAL risk Nvidia container escape Vulnerability [EGI-SVG-2024-22] | Advisory-EGI-SVG-2024-22 | CVE-2024-0132 |
| 2024-10-29 | Multiple Intel Processor Vulnerabilities [EGI-SVG-2024-24] | Advisory-EGI-SVG-2024-24 | CVE-2023-42667 + more |
| 2024-08-20 Updated 2024-10-09, 2024-10-24 | CRITICAL risk SAML Authentication bypass flaw [EGI-SVG-2024-21 | Advisory-EGI-SVG-2024-21 | CVE-2024-45409 |
| 2024-08-20 Updated 2024-10-09 | HIGH risk Flaw in Linux kernel’s network route management [EGI-SVG-2024-19] | Advisory-EGI-SVG-2024-19 | CVE-2024-36971 |
| 2024-10-04 Updated 2024-10-08 | HIGH risk - CUPS vulnerabilities [EGI-SVG-2024-23] | Advisory-EGI-SVG-2024-23 | CVE-2024-47176 + more |
| 2024-07-31 Updated 2024-08-02, 2024-09-12 | HIGH risk - voms-proxy-init susceptible to proxy theft [EGI-SVG-2024-15] | Advisory-EGI-SVG-2024-15 | N/A |
| 2024-09-11 | SLUBStick Attack Scenario [EGI-SVG-2024-20] | Advisory-EGI-SVG-2024-20 | N/A |
| 2024-07-29 Updated 2024-09-11 | CRITICAL risk Docker Vulnerability [EGI-SVG-2024-17] | Advisory-EGI-SVG-2024-17 | CVE-2024-41110 |
| 2024-07-23 Updated 2024-08-22 | HIGH risk vulnerability in libndp [EGI-SVG-2024-16] | Advisory-EGI-SVG-2024-16 | CVE-2024-5564 |
| 2024-07-11 Updated 2024-08-22 | HIGH risk ANOTHER OpenSSH vulnerability [EGI-SVG-2024-14] | Advisory-EGI-SVG-2024-14 | CVE-2024-6409 |
| 2024-07-11 Updated 2024-08-22 | HIGH risk OpenSSH vulnerability [EGI-SVG-2024-13] | Advisory-EGI-SVG-2024-13 | CVE-2024-6387 |
| 2024-07-09 Updated 2024-08-22 | HIGH risk OpenStack arbitrary file access vulnerability [EGI-SVG-2024-12] | Advisory-EGI-SVG-2024-12 | CVE-2024-32498 |
| 2024-06-03 Updated 2024-07-25 | ALERT Apptainer github/containers/image Vulnerability [EGI-SVG-2024-11] | Advisory-EGI-SVG-2024-11 | CVE-2024-3727 |
| 2024-05-03 Updated 2024-06-05 | HIGH risk glibc vulnerability [EGI-SVG-2024-10] | Advisory-EGI-SVG-2024-10 | CVE-2024-2961 |
| 2024-04-10 Updated 2024-05-24 | CRITICAL risk Netfilter vulnerability [EGI-SVG-2024-08] | Advisory-EGI-SVG-2024-08 | CVE-2024-1086 |
| 2024-03-06 Updated 2024-04-19 | HIGH risk Linux Kernel vulnerabilities (RHEL9) [EGI-SVG-2024-06] | Advisory-EGI-SVG-2024-06 | CVE-2023-6817 + more |
| 2024-03-06 Updated 2024-04-10 | HIGH risk Linux Kernel vulnerabilities [EGI-SVG-2024-05] | Advisory-EGI-SVG-2024-05 | CVE-2023-4623 + more |
| 2024-03-05 Updated 2024-04-10 | HIGH risk vulnerability in Lustre [EGI-SVG-2024-04] | Advisory-EGI-SVG-2024-04 | CVE-2023-51786 |
| 2024-04-03 Updated 2024-04-10 | CRITICAL risk vulnerability in xz data compression tools [EGI-SVG-2024-07] | Advisory-EGI-SVG-2024-07 | CVE-2024-3094 |
| 2024-02-12 Updated 2024-03-15 | HIGH risk vulnerability in runc affecting containers [EGI-SVG-2024-03] | Advisory-EGI-SVG-2024-03 | CVE-2024-21626 |
| 2024-01-30 Updated 2024-03-15 | HIGH risk array indexing vulnerability in netfilter [EGI-SVG-2023-54] | Advisory-EGI-SVG-2023-54 | CVE-2023-42753 |
| 2024-01-18 Updated 2024-02-20 | HIGH risk Linux privilege escalation Vulnerabilities [EGI-SVG-2024-01] | Advisory-EGI-SVG-2024-01 | CVE-2023-4206 + 2 more |
| 2023-12-14 Updated 2024-02-20 | CRITICAL risk Multiple SLURM Vulnerabilities [EGI-SVG-2023-59] | Advisory-EGI-SVG-2023-59 | CVE-2023-49934 + 5 more |
| 2023-09-25 Updated 2024-02-20 | CRITICAL risk PMIX race condition vulnerability [EGI-SVG-2023-51] | Advisory-EGI-SVG-2023-51 | CVE-2023-41915 |
| 2023-08-23 Updated 2024-02-19 | HIGH risk AMD CPU Processor Vulnerability [EGI-SVG-CVE-2023-20569] | Advisory-SVG-CVE-2023-20569 | CVE-2023-20569 |
| 2023-08-16 Updated 2023-10-19, 2024-02-19 | HIGH risk Intel Downfall Vulnerability [EGI-SVG-CVE-2022-40982] | Advisory-SVG-CVE-2022-40982 | CVE-2022-40982 |
| 2023-07-26 Updated 2023-08-15, 2023-09-21, 2023-09-22, 2024-02-16 | ALERT Zenbleed speculative execution vulnerability [EGI-SVG-CVE-2023-20593] | Advisory-SVG-CVE-2023-20593 | CVE-2023-20593 |
| 2023-11-21 Updated 2024-10-29 | Intel processor vulnerability [EGI-SVG-2023-58] | Advisory-EGI-SVG-2023-58 | CVE-2023-23583 |