Lucene search

K

CVE-2023-27484

🗓️ 09 Mar 2023 21:11:15Reported by GitHub_MType 
cve
 cve
🔗 web.nvd.nist.gov👁 27 Views

crossplane-runtime in affected versions allows highly privileged users to specify an arbitrary high index in a patch's `ToFieldPath`, leading to excessive memory usage & potential OOM-Kill. Upgrade to versions 1.11.2, 1.10.3, or 1.9.2 advised

Show more
Related
Detection
Affected
Refs
Nvd
Vulners
Node
crossplanecrossplaneRange1.9.01.9.2
OR
crossplanecrossplaneRange1.10.01.10.3
OR
crossplanecrossplaneRange1.11.01.11.2
[
  {
    "vendor": "crossplane",
    "product": "crossplane",
    "versions": [
      {
        "version": "< 1.9.2",
        "status": "affected"
      },
      {
        "version": ">= 1.10.0, < 1.10.3",
        "status": "affected"
      },
      {
        "version": ">= 1.11.0, < 1.11.2",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo