525 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: aws-load-balancer-controller, spire-server, newrelic-k8s-metadata-injection, dbmate, goreleaser, oras, polaris, dgraph, temporal, stakater-reloader, envoy-ratelimit, flux-image-automation-controller, malcontent, tailscale, kubewatch, nova, grafana-rollout-operator,...
CVE-2026-39961
Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...
GHSA-99J8-WV67-4C72 Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource
Impact A developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys, service tokens — with a single kubectl apply. The operator reads the victim's secret using its ClusterRole and write...
CVE-2026-39961
Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management via the ClickhouseUser/ServiceUser. An attacker can access sensitive information from other namespaces by supplying a crafted namespace value, causing the operator to read secrets from unauthorized location...
CVE-2026-39961 Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource
Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: spire-server, verticadb-operator, terragrunt, secrets-store-csi-driver-provider-azure, cert-manager, buildkitd, cosign, cert-manager-istio-csr, falcosidekick, policy-controller, tfsec, calico, cluster-api-ipam-provider-in-cluster, envoy-ratelimit, podinfo, rancher,...
CVE-2026-32306
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the telemetry aggregation API accepts user-controlled aggregationType, aggregateColumnName, and aggregationTimestampColumnName parameters and interpolates them directly into ClickHouse SQL queries via the .appe...
CVE-2026-33142
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142 OneUptime: ClickHouse SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142 OneUptime: ClickHouse SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142 OneUptime: ClickHouse SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...
CVE-2026-33142
CVE-2026-33142 affects OneUptime prior to version 10.0.34. The issue arises because the functions toSortStatement, toSelectStatement, and toGroupByStatement in StatementGenerator interpolate user-supplied keys as ClickHouse Identifier parameters without validating that they match actual model col...
SQL Injection
Overview @oneuptime/common is a The OneUptime Common UI Library is a collection of shared components, utilities that are used across the OneUptime platform. It is designed to be easy to install and use, and to be extensible. This library is built with React and TypeScript. It includes c Affected...
OneUptime ClickHouse vulnerable to SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters
The fix for GHSA-p5g2-jm85-8g35 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query construction paths in StatementGenerator. The toSortStatement, toSelectStatement, and...
GHSA-GCG3-C5P2-CQGG OneUptime ClickHouse vulnerable to SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters
The fix for GHSA-p5g2-jm85-8g35 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query construction paths in StatementGenerator. The toSortStatement, toSelectStatement, and...
PT-2026-26198
The fix for GHSA-p5g2-jm85-8g35 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query construction paths in StatementGenerator. The toSortStatement, toSelectStatement, and...
EUVD-2026-11719
OneUptime ClickHouse SQL Injection via Aggregate Query Parameters...