Lucene search
K

815 matches found

CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.27 views

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2

CVE-2026-29181 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00435EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.23 views

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2

CVE-2026-33814 affecting package etcd for versions less than 3.5.30-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00781EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 1:19 p.m.10 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 1:19 p.m.10 views

CVE-2026-10533

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 1:19 p.m.13 views

EUVD-2026-33641

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 1:19 p.m.38 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS0.0023EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 6:30 p.m.2 views

GHSA-3M4Q-GGCJ-J6M4 Calico Inserts Sensitive Information into Log File

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References9
NVD
NVD
added 2026/05/28 5:16 p.m.14 views

CVE-2026-6720

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS0.00224EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:47 p.m.9 views

CVE-2026-6720

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/28 3:47 p.m.11 views

EUVD-2026-32932

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 3:47 p.m.10 views

CVE-2026-6720 Calicoctl leaks cluster credentials to stderr when verbose logging is enabled

When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the cluster — inline kubeconfig with bearer token,...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 3:47 p.m.36 views

CVE-2026-6720

Calico component calicoctl is affected. When run with --log-level=info or --log-level=debug, it prints the full contents of its loaded connection-configuration struct to stderr in a single log line, exposing credentials (inline kubeconfig with bearer token, Kubernetes API bearer token, etcd passw...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44417

Name of the Vulnerable Software and Affected Versions calicoctl affected versions not specified Description When the client is invoked with --log-level=info or --log-level=debug, it prints the full contents of its loaded connection-configuration struct to stderr in a single log line. This struct...

7.2CVSS5.8AI score0.00224EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in etcd

A DNS rebinding vulnerability has been discovered in etcd 3.3.1 and earlier versions. An attacker can manipulate their DNS records to direct requests to localhost, thereby tricking the browser into sending requests to localhost or any other address...

5.5CVSS6.3AI score0.00512EPSS
Exploits1References1
Rosalinux
Rosalinux
added 2026/05/19 2:18 p.m.22 views

Advisory ROSA-SA-2026-3280

software: etcd 3.6.10 OS: ROSA-CHROME unaffected versions = etcd-3.6.10-1 affected versions etcd-3.6.10-1 CVE-ID: CVE-2026-33343 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in etcd allows an authenticated user with limited RBAC rights to bypass key-level authorization using nested...

6.5CVSS5.7AI score0.0021EPSS
Exploits0
OSV
OSV
added 2026/05/18 5:39 a.m.11 views

BIT-ETCD-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/17 8:1 a.m.14 views

etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

...

6.5CVSS5.8AI score0.00225EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.10 views

SUSE CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 6:16 p.m.6 views

UBUNTU-CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 6:16 p.m.14 views

CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Rows per page
Query Builder