606 matches found
CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API
Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...
CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API
Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...
Talos Linux 安全漏洞
Talos Linux is Sidero Labs' modern Linux distribution built for Kubernetes. Talos Linux suffers from a security vulnerability that stems from incorrect validation of a request when signing a CSR Certificate Signing Request for a worker node, resulting in full access to the Talos API on a control...
F5 Networks BIG-IP : GSON vulnerability (K00994461)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K00994461 advisory. The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the...
CVE-2022-31145
Summary: CVE-2022-31145 concerns FlyteAdmin's validation of access/tokens. In versions up to 1.1.30, authenticated users with external identity providers can continue to use Access Tokens and ID Tokens after expiry. The issue does not affect users configuring FlyteAdmin as the OAuth2 Authorizatio...
Detecting malicious key extractions by compromised identities for Azure Cosmos DB
Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for...
GSD-2022-1002525 IP address filtering in Google Cloud Platform (GCP) version All versions as of 2022-06-07 and later (unfixed as of yet)
In Google Cloud Platform GCP, all versions as of 2022-06-07 and later unfixed as of yet an IP address filtering vulnerability exists in the Kubernetes control plane that can be attacked via other systems within Google Cloud Engine's network filtering is only applied to external IP addresses...
io.mantisrx:mantis-control-plane-client (=1.2.28), io.mantisrx:mantis-control-plane-core (=1.2.28) +11 more potentially affected by CVE-2018-1330 via org.apache.mesos:mesos (>=1.4.0 <=1.5.0)
org.apache.mesos:mesos MAVEN version =1.4.0, =2.23.0, =2.7.0, =2.3.0, =2.4.0, =3.2.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.8.0 Source cves: CVE-2018-1330 Source advisory: OSV:GHSA-95Q3-PPPP-R683...
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9363)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9363 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2022-27495
On all versions 1.3.x fixed in 1.4.0 NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2022-27495
On all versions 1.3.x fixed in 1.4.0 NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Design/Logic Flaw
On all versions 1.3.x fixed in 1.4.0 NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2022-27495
On all versions 1.3.x fixed in 1.4.0 NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2022-27495
On all versions 1.3.x fixed in 1.4.0 NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
istio: Unauthenticated control plane denial of service attack due to stack exhaustion
A stack exhaustion flaw was found in the Istio control plane. This flaw allows a remote unauthenticated attacker to send a specially crafted or oversized message to crash the control plane process, resulting in a denial of service condition...
istio: unauthenticated control plane denial of service attack
A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to isitiod, causing the control plane to crash...
istio: Unauthenticated control plane denial of service attack due to stack exhaustion
A stack exhaustion flaw was found in the Istio control plane. This flaw allows a remote unauthenticated attacker to send a specially crafted or oversized message to crash the control plane process, resulting in a denial of service condition...
istio: unauthenticated control plane denial of service attack
A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to isitiod, causing the control plane to crash...
CVE-2022-24726
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing when the...
Design/Logic Flaw
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing when the...