Lucene search
K

89 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-29179

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed,...

8.2CVSS8.2AI score0.00355EPSS
Exploits0References3
NVD
NVD
added 2022/05/20 7:15 p.m.32 views

CVE-2022-29179

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed,...

8.2CVSS0.00355EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/05/20 2:15 p.m.4 views

CVE-2022-29165 Argo CD will blindly trust JWT claims if anonymous access is enabled

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user or role, includin...

10CVSS9.7AI score0.01857EPSS
Exploits0References4
OSV
OSV
added 2022/05/20 2:15 p.m.29 views

CVE-2022-29165 Argo CD will blindly trust JWT claims if anonymous access is enabled

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user or role, includin...

10CVSS9.2AI score0.01857EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.1 views

PT-2022-19433 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.9.16 Cilium versions prior to 1.10.11 Cilium versions prior to 1.11.5 Description: Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. If a...

8.2CVSS7.4AI score0.00355EPSS
Exploits0References16
GithubExploit
GithubExploit
added 2022/03/25 7:43 p.m.1222 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Linuxfoundation Containerd

PoC for CVE-2022-23648 This is a proof of concept for @fel...

7.5CVSS7.8AI score0.27392EPSS
Exploits4
Veracode
Veracode
added 2022/02/28 7:59 a.m.17 views

Privilege Escalation

github.com/clastix/capsule-proxy is vulnerable to privilege escalation. The vulnerability exists due to the malicious Connection header in the Kubernetes API Server allowing an unauthorized user to gain cluster-admin privileges...

8.8CVSS3.3AI score0.01375EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2022/02/22 8:15 p.m.26 views

CVE-2022-23652

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

8.8CVSS0.01375EPSS
Exploits1References3
Prion
Prion
added 2022/02/22 8:15 p.m.10 views

Design/Logic Flaw

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

6.5CVSS8.8AI score0.01375EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/22 7:55 p.m.6 views

CVE-2022-23652 Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

8.8CVSS8.9AI score0.01375EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/02/22 7:55 p.m.25 views

CVE-2022-23652 Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

8.8CVSS9.1AI score0.01375EPSS
Exploits1References3
OSV
OSV
added 2022/02/22 7:55 p.m.21 views

CVE-2022-23652 Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

8.8CVSS8.7AI score0.01375EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/02/22 12:0 a.m.4 views

capsule-proxy 授权问题漏洞

The capsule-proxy is designed to allow overcoming the limitations of the Kubernetes API Server in listing the cluster-wide resources it owns, such as Namespace, Ingress and Storage Classes, Nodes, and other resources covered by the Capsule. A security vulnerability in capsule-proxy versions prior...

8.8CVSS7.8AI score0.01375EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2021/11/15 5:35 p.m.27 views

Privilege escalation to cluster admin on multi-tenant environments

Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization objects, could execute commands inside the kustomize-controller container by embedding a shell script in a Kubernetes Secret. This can be used to run kubectl commands under the Service Account of kustomize-controlle...

9CVSS1.9AI score0.01766EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/11/15 5:35 p.m.17 views

GHSA-35RF-V2JV-GFG7 Privilege escalation to cluster admin on multi-tenant environments

Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization objects, could execute commands inside the kustomize-controller container by embedding a shell script in a Kubernetes Secret. This can be used to run kubectl commands under the Service Account of kustomize-controlle...

8.8CVSS9AI score0.01766EPSS
Exploits1References3
NVD
NVD
added 2021/11/12 6:15 p.m.31 views

CVE-2021-41254

kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization objects, could...

9CVSS0.01766EPSS
Exploits1References1
Prion
Prion
added 2021/11/12 6:15 p.m.20 views

Design/Logic Flaw

kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization objects, could...

9CVSS8.9AI score0.01766EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/11/12 5:45 p.m.30 views

CVE-2021-41254 Privilege escalation to cluster admin on multi-tenant environments

kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization objects, could...

8.8CVSS9.2AI score0.01766EPSS
Exploits1References1
CVE
CVE
added 2021/11/12 5:45 p.m.64 views

CVE-2021-41254

CVE-2021-41254 affects the Flux CD kustomize-controller, allowing authenticated users who can create Secrets, Service Accounts, and Flux Kustomization objects to have the controller execute shell commands inside its container via embedded Secrets. This enables running kubectl under the controller...

9CVSS8.9AI score0.01766EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.5 views

kustomize-controller 操作系统命令注入漏洞

kustomize-controller is a Kubernetes operator that specializes in running continuous delivery pipelines for infrastructure and workloads defined with a Kubernetes manifest and assembled using Kustomize. An operating system command injection vulnerability exists in versions prior to...

9CVSS7.9AI score0.01766EPSS
Exploits1References1
Rows per page
Query Builder