Project “Gardener” Security Vulnerabilities

pentestpartners

Listening in at Latimer House. RF emissions and more

Loose lips sink ships, loose tweets sink fleets. Intelligence, espionage, technological advancements and other learnings from our annual company conference at the historic and underappreciated Latimer House. “Loose lips [might] sink ships” was a phrase used in UK propaganda posters in WWII. It...

6.6 AI Score

2024-01-09 06:23 AM
27
impervablog

Two New Trends Make Early Breach Detection and Prevention a Security Imperative

Key signs to look for in today’s complex data threat landscape Introduction The most vulnerable data repositories are the ones deep in your organization’s infrastructure. Everyone assumes they are safe, but as with your home, organizations must invest in security at entry points. Otherwise, the...

10 CVSS

0.4 AI Score

0.975 EPSS

2022-08-31 01:47 PM
25
veracode

Information Disclosure

github.com/gardener/gardener is vulnerable to information disclosure. It does not block traffic from shoot to seed via the VPN endpoint, causing lack of correct access control enforcement in seed clusters. Therefore, an attacker can send HTTP GET request from one's own shoot clusters to foreign...

7.5 CVSS

7.1 AI Score

0.002 EPSS

2019-06-06 08:49 AM
3
nvd

CVE-2019-12494

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not...

7.5 CVSS

8.1 AI Score

0.002 EPSS

2019-06-05 07:29 PM
prion

Information disclosure

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not...

7.5 CVSS

7.2 AI Score

0.002 EPSS

2019-06-05 07:29 PM
2
osv

CVE-2019-12494

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not...

7.5 CVSS

6.4 AI Score

0.002 EPSS

2019-06-05 07:29 PM
3
cve

CVE-2019-12494

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not...

8.5 CVSS

7.2 AI Score

0.002 EPSS

2019-06-05 07:29 PM
26
cvelist

CVE-2019-12494

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not...

8.5 CVSS

8 AI Score

0.002 EPSS

2019-06-05 06:44 PM
veracode

Authentication Bypass

github.com/gardener/gardener is vulnerable to authentication bypass attacks. The vulnerability exists due to the combined issues with kube-apiserver, and a missing cleanup to isolate network resources, and potentially allows exploitation in the Gardener...

8.5 CVSS

8.5 AI Score

0.004 EPSS

2018-10-10 12:40 AM
2
nvd

CVE-2018-2475

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with...

8.5 CVSS

8.2 AI Score

0.004 EPSS

2018-10-09 01:29 PM
cve

CVE-2018-2475

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with...

8.5 CVSS

8.2 AI Score

0.004 EPSS

2018-10-09 01:29 PM
35
osv

CVE-2018-2475

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with...

8.5 CVSS

6.8 AI Score

0.004 EPSS

2018-10-09 01:29 PM
4
prion

Code injection

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with...

8.5 CVSS

8.1 AI Score

0.004 EPSS

2018-10-09 01:29 PM
3
cvelist

CVE-2018-2475

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with...

8.2 AI Score

0.004 EPSS

2018-10-09 01:00 PM
openbugbounty

competitions.co.nz XSS vulnerability

Open Bug Bounty ID: OBB-385705

Description| Value
---|---
Affected Website:| competitions.co.nz
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Remediation Guide:| OWASP XSS Prevention...

6.4 AI Score

2017-11-02 01:59 AM
10