Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:29 a.m.7 views

CVE-2023-44392

Garden provides automation for Kubernetes development and testing. Prior tov ersions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. Garden stores serialized objects using cryo in the...

9CVSS7.8AI score0.00685EPSS
Exploits0References1
Circl
Circl
added 2023/10/10 12:16 a.m.8 views

CVE-2023-44392

creationtimestamp| type| source ---|---|--- 2023-10-10 00:16:14+00:00| seen| https://t.me/cibsecurity/71870...

9CVSS8.4AI score0.00685EPSS
Exploits0References1
CVE
CVE
added 2023/10/09 7:6 p.m.51 views

CVE-2023-44392

CVE-2023-44392 affects Garden prior to versions 0.13.17 (Bonsai) and 0.12.65 (Acorn). The vulnerability arises from the cryo library’s insecure deserialization, used by Garden to cache test/run results in Kubernetes ConfigMaps named with prefixes like test-result and run-result stored in either t...

9CVSS9.3AI score0.00685EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/09 7:6 p.m.35 views

CVE-2023-44392 Arbitrary code execution vulnerability when using shared Kubernetes cluster

Garden provides automation for Kubernetes development and testing. Prior tov ersions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. Garden stores serialized objects using cryo in the...

8.2CVSS9.7AI score0.00685EPSS
Exploits0References2
Rows per page
Query Builder