Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For...
AI Score: 7.5
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: slsa-verifier, flux-source-controller, zot, gitsign, policy-controller, neuvector-sigstore-interface, apko, kubescape, ko, wolfictl, tekton-chains, falco, melange, goreleaser, tkn, aactl, falcoctl, spire-server, skaffold, vexctl,...
AI Score: 7.5
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: argo-workflows, slsa-verifier, terragrunt, flux-source-controller, external-secrets-operator, argo-cd, traefik, flux-kustomize-controller, gitsign, oauth2-proxy, sops, kubescape, dex, fulcio, kyverno, tekton-chains, cert-manager, kots, cosign, falco,...
AI Score: 7.5
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: kine, argo-workflows, kube-bench, keda, k3s, step-ca, spicedb, kots, telegraf, amass, temporal-server, caddy, trillian, vault, src,...
CVSS: 9.8, AI Score: 9.7, EPSS: 0.0004
GHSA-232P-VWFF-86MP vulnerabilities
Vulnerabilities for packages: helm, apko, bom, ctop, up, ko,...
AI Score: 7.5
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-workflows, flux-notification-controller, argo-cd, pulumi-kubernetes-operator,...
CVSS: 7.5, AI Score: 7.7, EPSS: 0.0005
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: policy-controller, docker-compose, buf, helm-push, dagger, prometheus, tekton-pipelines, syft, grype, cri-tools, harbor-scanner-trivy, neuvector-scanner, wolfictl, k3d, melange, kaniko,...
AI Score: 7.5
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: kubernetes, ctop, ingress-nginx-controller, telegraf, grype, zot, nvidia-device-plugin, kubescape, datadog-agent, syft, nerdctl, wolfictl, kaniko, k9s, k3s, kots, skopeo, trivy, zarf, buildkitd, runc, newrelic-infrastructure-agent, cadvisor, docker, skaffold,...
CVSS: 8.6, AI Score: 9.2, EPSS: 0.051
Vulnerabilities for packages: kubernetes-dns-node-cache, consul,...
CVSS: 5.3, AI Score: 5.5, EPSS: 0.0004