Lucene search
GoogleOSV:CVE-2022-0270HistoryJan 25, 2022 - 8:15 p.m.
CVE-2022-0270
2022-01-2520:15:08
Google
osv.dev
4
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bored-agent | eq | 0.5.5 | |
| bored-agent | eq | 0.1.0 | |
| bored-agent | eq | 0.4.0 | |
| bored-agent | eq | 0.2.0 | |
| bored-agent | eq | 0.6.0 | |
| bored-agent | eq | 0.5.3 | |
| bored-agent | eq | 0.4.2 | |
| bored-agent | eq | 0.4.1 | |
| bored-agent | eq | 0.5.4 | |
| bored-agent | eq | 0.5.2 |
Related
cve
cve
CVE-2022-0270
2022-01-25 20:15:08
nvd
nvd
CVE-2022-0270
2022-01-25 20:15:08
prion
prion
Code injection
2022-01-25 20:15:00
cvelist
cvelist