Lucene search
K

110 matches found

Github Security Blog
Github Security Blog
added 2024/06/04 5:52 p.m.33 views

apko Exposure of HTTP basic auth credentials in log output

Summary Exposure of HTTP basic auth credentials from repository and keyring URLs in log output Details There was a handful of instances where the apko tool was outputting error messages and log entries where HTTP basic authentication credentials were exposed for one of two reasons: 1. The%s verb...

7.5CVSS6.9AI score0.00441EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2024/06/04 2:26 a.m.5 views

SUSE CVE-2024-36127

apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5...

7.5CVSS7AI score0.00441EPSS
Exploits0References3
NVD
NVD
added 2024/06/03 3:15 p.m.33 views

CVE-2024-36127

apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5...

7.5CVSS7.5AI score0.00441EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/03 2:49 p.m.24 views

CVE-2024-36127 apko Exposure of HTTP basic auth credentials in log output

apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5...

7.5CVSS7.4AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2024/06/03 2:49 p.m.11 views

CVE-2024-36127 apko Exposure of HTTP basic auth credentials in log output

apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5...

7.5CVSS7.3AI score0.00441EPSS
Exploits0References4
Circl
Circl
added 2024/06/03 1:18 p.m.9 views

CVE-2024-36127

creationtimestamp| type| source ---|---|--- 2024-06-03 13:18:53+00:00| published-proof-of-concept| https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp...

7.5CVSS7.1AI score0.00441EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/04/11 5:15 p.m.14 views

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: tkn, vexctl, zot, chainctl, apko, zarf, flux-source-controller, neuvector-sigstore-interface, skaffold, tekton-chains, kubescape, tekton-chains-fips, aactl, spire-server, melange, gitsign, spire-server-fips, wolfictl, falcoctl, falco, ko-fips, policy-controller, ko,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2024/04/11 5:15 p.m.307 views

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: melange, tekton-chains, vexctl, policy-controller, kubescape, zarf, zot, flux-source-controller, ko, falco, slsa-verifier, falcoctl, wolfictl, aactl, tkn, skaffold, gitsign, spire-server, apko, neuvector-sigstore-interface, goreleaser...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2024/04/11 5:5 p.m.33 views

GHSA-88JX-383Q-W4QC vulnerabilities

Vulnerabilities for packages: melange, tekton-chains, vexctl, policy-controller, kubescape, zarf, zot, flux-source-controller, ko, falco, slsa-verifier, falcoctl, wolfictl, aactl, tkn, skaffold, gitsign, spire-server, apko, neuvector-sigstore-interface, goreleaser...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2024/04/10 11:15 p.m.53 views

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: melange, tekton-chains, vexctl, policy-controller, kubescape, zarf, zot, flux-source-controller, ko, falco, slsa-verifier, falcoctl, wolfictl, aactl, tkn, skaffold, gitsign, spire-server, apko, neuvector-sigstore-interface, goreleaser...

7.5CVSS6.5AI score0.00851EPSS
Exploits1
Chainguard
Chainguard
added 2024/04/10 11:15 p.m.41 views

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: tkn, vexctl, zot, chainctl, apko, zarf, flux-source-controller, neuvector-sigstore-interface, skaffold, tekton-chains, kubescape, tekton-chains-fips, aactl, spire-server, melange, gitsign, spire-server-fips, wolfictl, falcoctl, falco, ko-fips, policy-controller, ko,...

7.5CVSS6.5AI score0.00851EPSS
Exploits1
Chainguard
Chainguard
added 2024/04/10 11:15 p.m.30 views

CVE-2024-29902 vulnerabilities

Vulnerabilities for packages: tkn, vexctl, zot, chainctl, apko, zarf, flux-source-controller, neuvector-sigstore-interface, skaffold, tekton-chains, kubescape, tekton-chains-fips, aactl, spire-server, melange, gitsign, spire-server-fips, wolfictl, falcoctl, falco, ko-fips, policy-controller, ko,...

5.9CVSS6.1AI score0.00658EPSS
Exploits0
Wolfi
Wolfi
added 2024/04/10 11:15 p.m.39 views

CVE-2024-29902 vulnerabilities

Vulnerabilities for packages: melange, tekton-chains, vexctl, policy-controller, kubescape, zarf, zot, flux-source-controller, ko, falco, slsa-verifier, falcoctl, wolfictl, aactl, tkn, skaffold, gitsign, spire-server, apko, neuvector-sigstore-interface, goreleaser...

5.9CVSS6.1AI score0.00658EPSS
Exploits0
Chainguard
Chainguard
added 2024/01/08 4:45 p.m.127 views

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: flux-notification-controller, sops, tkn, vexctl, pulumi-language-dotnet, syft, flux-image-automation-controller, gomplate, crossplane-provider-aws-iam, actions-runner-controller, crossplane-provider-aws-sqs, crossplane-provider-aws-ec2, pulumi, zot, opentofu,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2023/11/08 3:2 p.m.14 views

GHSA-VFP6-JRW2-99G9 vulnerabilities

Vulnerabilities for packages: kubescape, tkn, aactl, policy-controller, ko, spire-server, cosign, slsa-verifier, melange, spire-server-fips, flux-source-controller, skaffold, falco, falcoctl-fips, apko, tekton-chains...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2023/11/08 3:2 p.m.27 views

GHSA-VFP6-JRW2-99G9 vulnerabilities

Vulnerabilities for packages: ko, policy-controller, melange, falco, kubescape, skaffold, tkn, spire-server, slsa-verifier, cosign, apko, flux-source-controller, tekton-chains, aactl...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2023/11/07 6:15 p.m.43 views

CVE-2023-46737 vulnerabilities

Vulnerabilities for packages: kubescape, tkn, aactl, policy-controller, ko, spire-server, cosign, slsa-verifier, melange, spire-server-fips, flux-source-controller, skaffold, falco, falcoctl-fips, apko, tekton-chains...

5.3CVSS6.1AI score0.0064EPSS
Exploits1
Wolfi
Wolfi
added 2023/11/07 6:15 p.m.49 views

CVE-2023-46737 vulnerabilities

Vulnerabilities for packages: ko, policy-controller, melange, falco, kubescape, skaffold, tkn, spire-server, slsa-verifier, cosign, apko, flux-source-controller, tekton-chains, aactl...

5.3CVSS6.1AI score0.0064EPSS
Exploits1
Chainguard
Chainguard
added 2023/10/11 8:35 p.m.59 views

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: flux-notification-controller, k3s, kube-logging-operator, kubernetes-ingress-defaultbackend, gomplate, dive, kube-state-metrics-fips, haproxy-ingress, terraform, kube-fluentd-operator, weaviate, aws-load-balancer-controller-fips, kubernetes-csi-external-provisioner,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2023/05/08 4:15 p.m.35 views

CVE-2023-30551 vulnerabilities

Vulnerabilities for packages: aactl, apko, ko...

7.5CVSS7.1AI score0.0105EPSS
Exploits0
Rows per page
Query Builder