Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.4 views

CVE-2022-23509

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...

7.3CVSS6.6AI score0.00239EPSS
Exploits0References1
Circl
Circl
added 2023/01/09 4:27 p.m.5 views

CVE-2022-23509

creationtimestamp| type| source ---|---|--- 2023-01-09 16:27:33+00:00| seen| https://t.me/cibsecurity/56154...

7.3CVSS6.4AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2023/01/09 1:1 p.m.70 views

CVE-2022-23509

CVE-2022-23509 concerns insecure, unencrypted communication between Weave GitOps’ GitOps Run and its local S3 bucket. This allows privileged users or processes to tap traffic and obtain information enabling access to the S3 bucket, potentially leading to bucket content modification and unintended...

7.3CVSS6.2AI score0.00239EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/09 1:1 p.m.8 views

CVE-2022-23509 Weave Gitops Run vulnerable to insecure communication

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...

7.3CVSS7.6AI score0.00239EPSS
Exploits0References3
Rows per page
Query Builder