10 matches found
CVE-2026-46618
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...
CVE-2026-46618 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...
CVE-2026-46618 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...
GHSA-7PJR-QPVH-M339 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables
Summary Before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command... after a strings.Fields split, with no validation of the executable path or its arguments. A user who could create or update Environment CRDs in a namespace...
PT-2026-42688
Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.23.0 Description In pkg/builder/builder.go, the software passes the Environment.spec.builder.command variable directly into the exec.Command function after a strings.Fields split without validating the executable pa...
CVE-2026-35218 Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette
Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names tables, views, queries, automations using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...
CVE-2026-35218 Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette
Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names tables, views, queries, automations using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...
CVE-2026-35218
Budibase (open‑source low-code platform) prior to version 3.32.5 is affected by a Stored XSS in the Builder Command Palette. The vulnerability arises because entity names (tables, views, queries, automations) are rendered using Svelte’s {@html} without sanitization, allowing an authenticated Buil...
PT-2026-30193
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.32.5 Description Budibase, an open-source low-code platform, had a critical issue in its Builder Command Palette. Before version 3.32.5, entity names tables, views, queries, automations were rendered using Svelte's...
CVE-2024-7387
OpenShift CVE-2024-7387 is a symlink-traversal/path traversal vulnerability in the openshift/builder docker build path. A privileged build container can have its destinationDir override a symlink (e.g., usr_bin -> /usr/bin), enabling overwriting of system binaries like /usr/bin/cp and executio...