Lucene search
K

53 matches found

Wolfi
Wolfi
added 2024/01/31 10:15 p.m.97 views

CVE-2024-23653 vulnerabilities

Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...

9.8CVSS6.8AI score0.02983EPSS
Exploits0
Wolfi
Wolfi
added 2024/01/31 10:15 p.m.560 views

CVE-2024-23652 vulnerabilities

Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...

10CVSS6.8AI score0.02038EPSS
Exploits0
Wolfi
Wolfi
added 2024/01/31 10:15 p.m.80 views

CVE-2024-23651 vulnerabilities

Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...

8.7CVSS6.8AI score0.00791EPSS
Exploits0
Chainguard
Chainguard
added 2024/01/31 10:15 p.m.170 views

CVE-2024-23653 vulnerabilities

Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...

9.8CVSS6.8AI score0.02983EPSS
Exploits0
Chainguard
Chainguard
added 2024/01/31 10:15 p.m.215 views

CVE-2024-23652 vulnerabilities

Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...

10CVSS6.8AI score0.02038EPSS
Exploits0
Chainguard
Chainguard
added 2024/01/31 10:15 p.m.58 views

CVE-2024-23651 vulnerabilities

Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...

8.7CVSS6.8AI score0.00791EPSS
Exploits0
Wolfi
Wolfi
added 2024/01/31 10:15 p.m.37 views

CVE-2024-23650 vulnerabilities

Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...

5.3CVSS6.7AI score0.00957EPSS
Exploits0
Chainguard
Chainguard
added 2024/01/31 10:15 p.m.34 views

CVE-2024-23650 vulnerabilities

Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...

5.3CVSS6.7AI score0.00957EPSS
Exploits0
Chainguard
Chainguard
added 2023/10/25 9:17 p.m.83 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: scorecard, dgraph, aws-efs-csi-driver-fips, up, slsa-verifier, terraform-provider-sendgrid-fips, buildkitd, kubeflow, falco, smarter-device-manager-fips, falcoctl-fips, spark-operator, prometheus-stackdriver-exporter, metrics-server-fips, kubeflow-fips,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2023/10/25 9:17 p.m.179 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: scorecard, kubescape, up, slsa-verifier, kubevela, cortex, aactl, k3d, spark-operator, terraform-provider-sendgrid, dgraph, kubeflow, buildkitd, prometheus-blackbox-exporter, falco, src...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2023/10/10 9:28 p.m.44 views

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: kubescape, helm, hey, frp, grpcurl, secrets-store-csi-driver, nginx-mainline, envoy-ratelimit, oauth2-proxy, sigstore-scaffolding, flux-source-controller, kubeflow, kots, kubernetes-csi-livenessprobe, prometheus-blackbox-exporter, pulumi-kubernetes-operator,...

6.1AI score
Exploits0
OSV
OSV
added 2022/05/04 6:4 p.m.36 views

GHSA-J77R-2FXF-5JRW Improper path handling in kustomization files allows path traversal

The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use built-in features and a specially crafted kustomization.yaml to expose sensitive data from the controller’s pod filesystem. In multi-tenancy...

9.9CVSS9.2AI score0.01108EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/04 6:4 p.m.29 views

Improper path handling in kustomization files allows path traversal

The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use built-in features and a specially crafted kustomization.yaml to expose sensitive data from the controller’s pod filesystem. In multi-tenancy...

9.9CVSS0.1AI score0.01108EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder