Lucene search
K

151 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.3 views

Azure Linux 3.0 Security Update: keda (CVE-2025-29923)

The version of keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29923 advisory. - go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7....

3.7CVSS6AI score0.00694EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/01/07 4:0 p.m.7 views

CVE-2025-68476 affecting package keda for versions less than 2.14.1-9

CVE-2025-68476 affecting package keda for versions less than 2.14.1-9. A patched version of the package is available...

8.2CVSS6.9AI score0.00433EPSS
Exploits0
OSV
OSV
added 2025/12/30 1:49 a.m.4 views

GO-2025-4257 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential in github.com/kedacore/keda

KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential in github.com/kedacore/keda...

8.2CVSS6.6AI score0.00433EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/12/26 4:15 p.m.8 views

CVE-2025-68156 affecting package keda for versions less than 2.14.1-8

CVE-2025-68156 affecting package keda for versions less than 2.14.1-8. A patched version of the package is available...

7.5CVSS6.9AI score0.00377EPSS
Exploits0
NVD
NVD
added 2025/12/22 10:16 p.m.9 views

CVE-2025-68476

KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...

8.2CVSS0.00433EPSS
Exploits0References2
OSV
OSV
added 2025/12/22 10:16 p.m.5 views

AZL-72868 CVE-2025-68476 affecting package keda for versions less than 2.14.1-9

KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...

8.2CVSS7.2AI score0.00433EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/22 9:35 p.m.5 views

EUVD-2025-204753

KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...

8.2CVSS6.5AI score0.00433EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/22 8:8 p.m.15 views

KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential

Impact An Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account...

8.2CVSS7.3AI score0.00433EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.4 views

PT-2025-52724

Name of the Vulnerable Software and Affected Versions KEDA versions prior to 2.17.3 KEDA versions prior to 2.18.3 Description KEDA is a Kubernetes-based Event Driven Autoscaling component. A flaw exists in KEDA that could allow an attacker with permissions to create or modify a...

8.2CVSS6.3AI score0.00433EPSS
Exploits0References11
OSV
OSV
added 2025/12/16 7:16 p.m.8 views

AZL-72736 CVE-2025-68156 affecting package keda for versions less than 2.14.1-9

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...

7.5CVSS7AI score0.00377EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/17 7:43 p.m.4 views

Moderate: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.17.2-1 Update

Custom Metrics Autoscaler Operator for Red Hat OpenShift updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...

9.1CVSS6.7AI score0.00778EPSS
Exploits0References7
CBLMariner
CBLMariner
added 2025/04/29 3:8 p.m.15 views

CVE-2025-22872 affecting package keda for versions less than 2.14.1-7

CVE-2025-22872 affecting package keda for versions less than 2.14.1-7. A patched version of the package is available...

6.5CVSS7.3AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/04/19 12:20 a.m.9 views

CVE-2024-51744 affecting package keda for versions less than 2.14.1-6

CVE-2024-51744 affecting package keda for versions less than 2.14.1-6. A patched version of the package is available...

3.1CVSS7.3AI score0.00521EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/04/19 12:20 a.m.8 views

CVE-2025-22870 affecting package keda for versions less than 2.14.1-6

CVE-2025-22870 affecting package keda for versions less than 2.14.1-6. A patched version of the package is available...

4.4CVSS7.3AI score0.00384EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2025/04/17 2:42 p.m.19 views

Important: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-6 Update

Custom Metrics Autoscaler Operator for Red Hat OpenShift updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...

7.5CVSS6.7AI score0.00693EPSS
Exploits0References3
OSV
OSV
added 2025/04/16 6:16 p.m.5 views

AZL-60450 CVE-2025-22872 affecting package keda for versions less than 2.14.1-7

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5CVSS6.6AI score0.00478EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/09 12:0 a.m.13 views

Azure Linux 3.0 Security Update: coredns / ig / keda (CVE-2025-29786)

The version of coredns / ig / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...

7.5CVSS7.3AI score0.00577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/09 12:0 a.m.15 views

CBL Mariner 2.0 Security Update: coredns / ig / keda (CVE-2025-29786)

The version of coredns / ig / keda installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...

7.5CVSS7.3AI score0.00577EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/04/01 8:50 p.m.7 views

Important: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update

Custom Metrics Autoscaler Operator for Red Hat OpenShift updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...

8.7CVSS6.8AI score0.01127EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/04/01 5:15 p.m.7 views

CVE-2025-22870 affecting package keda for versions less than 2.4.0-29

CVE-2025-22870 affecting package keda for versions less than 2.4.0-29. A patched version of the package is available...

4.4CVSS5.2AI score0.00384EPSS
Exploits2
Rows per page
Query Builder