17 matches found
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: k9s-fips, longhorn-share-manager-fips, terraform-provider-time-fips, coredns-fips, helm, infinispan-operator, crossplane-provider-aws-servicediscovery-fips, litmus-chaos-operator, aws-node-termination-handler, xeol-fips, flux-notification-controller, nri-rabbitmq,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: longhorn-share-manager-fips, terraform-provider-time-fips, crossplane-provider-aws-servicediscovery-fips, xeol-fips, nri-rabbitmq, mcp-grafana, wave, nri-rabbitmq-fips, dex-k8s-authenticator, virt-api, prometheus-mysqld-exporter, falcoctl, vgpu-util, task-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: k9s-fips, longhorn-share-manager-fips, terraform-provider-time-fips, coredns-fips, helm, infinispan-operator, crossplane-provider-aws-servicediscovery-fips, litmus-chaos-operator, aws-node-termination-handler, xeol-fips, flux-notification-controller, nri-rabbitmq,...
GHSA-7C64-F9JR-V9H2 vulnerabilities
Vulnerabilities for packages: cfssl-fips, k9s-fips, longhorn-share-manager-fips, terraform-provider-time-fips, coredns-fips, helm, infinispan-operator, xeol-fips, nri-rabbitmq, prometheus, ipfs-cluster, goreleaser, kratos, paranoia, consul-fips, crane-fips, aws-eks-pod-identity-agent-fips,...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: cfssl-fips, k9s-fips, longhorn-share-manager-fips, terraform-provider-time-fips, coredns-fips, helm, infinispan-operator, xeol-fips, nri-rabbitmq, prometheus, ipfs-cluster, goreleaser, kratos, paranoia, consul-fips, crane-fips, aws-eks-pod-identity-agent-fips,...
EUVD-2023-3019
Malicious code in bioql PyPI...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: aws-eks-pod-identity-agent, kubeflow-katib, nri-apache, nri-nginx, kuma, tkn, nri-rabbitmq, nri-haproxy, prometheus, ipfs-cluster, linkerd2-cni-plugin, kubernetes-csi-driver-nfs, kubernetes-dashboard-auth, controller-gen, k8sgpt, migrate, render-template, swagger,...
GO-2023-2355 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving...
The vulnerability of the Knative Serving deployment and application management tool, related to uncontrolled resource consumption, allows a attacker to cause service failures.
The vulnerability of the Knative Serving deployment and application management tool is related to an uncontrolled resource consumption when processing endpoints in the /metrics directory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
CVE-2023-48713
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
Design/Logic Flaw
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
Knative Serving Security Vulnerability
Knative Serving is a Kubernetes-based build from Knative that supports the deployment and servicing of applications and features as serverless containers. A security vulnerability exists in Knative Serving that stems from a memory allocation error, which could lead to a denial of service by an...
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Summary A vulnerability was fond in Knative Serving that could allow an attacker to crash the Knative Serving autoscaler resulting in a denial of service. The attacker would need to have compromised one pod in the Knative Serving deployment, and with that position they could launch the attack...
GHSA-QMVJ-4QR9-V547 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Summary A vulnerability was fond in Knative Serving that could allow an attacker to crash the Knative Serving autoscaler resulting in a denial of service. The attacker would need to have compromised one pod in the Knative Serving deployment, and with that position they could launch the attack...