Astra Linux - vulnerability in ansible
A security flaw was discovered in Ansible Engine. This flaw occurs in Ansible 2.7.x versions prior to 2.7.17, Ansible 2.8.x versions prior to 2.8.11, and Ansible 2.9.x versions prior to 2.9.7 when managing Kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are pass...
Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.4 security update
The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images. The multicluster engine for Kubernetes provides the foundational components that are...
Important: Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.7.10
Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.7.10 General Availability release, with updates to container images. Assisted Installer RHEL 8 integrates components for the general multicluster engine for Kubernetes 2.7.10 release that simplify the process of...
CVE-2026-39884
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument injection vulnerability in the portforward tool in src/tools/portforward.ts, where a kubectl command is constructed via string concatenation with user-controlle...
MCP Server Kubernetes command injection vulnerability
MCP Server Kubernetes is an MCP server for Kubernetes management by individual developer Suyog Sonwalkar. A command injection vulnerability exists in MCP Server Kubernetes versions prior to 2.9.8. It stems from the execinpod tool failing to validate user input, which could lead to a command...
CVE-2025-61688
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...
CVE-2025-61688
CVE-2025-61688 affects Omni, a tool for managing Kubernetes on bare metal, VMs, or cloud environments. Public documents confirm an information leak via an API in Omni older than specific releases. The vulnerability is described consistently across sources as leaking sensitive information through ...
EUVD-2020-0022
Malware in sbrugna...
EUVD-2024-0237
Malicious code in bioql PyPI...
EUVD-2025-0023
Malicious code in bioql PyPI...
EUVD-2023-2000
Malicious code in bioql PyPI...
CVE-2025-53355
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.execSync, enabling ...
MCP Server Kubernetes security vulnerability
MCP Server Kubernetes is an MCP server for Kubernetes management by individual developer Suyog Sonwalkar. A security vulnerability exists in MCP Server Kubernetes that stems from command injection and could lead to remote code execution...
Important: Red Hat Security Advisory: multicluster Engine for Kubernetes 2.5.9 container updates
multicluster Engine for Kubernetes 2.5.9 General Availability release images, with updates to container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
Important: Red Hat Security Advisory: multicluster engine for Kubernetes 2.8.1 container image updates
Multicluster engine for Kubernetes v2.8.1 General Availability release, with updates to container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Enhancement Advisory: RHEA: Submariner 0.19.3 - bug fix and enhancement update
Submariner 0.19.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.12. Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or i...
The vulnerability of the Rancher Manager software for managing Kubernetes clusters lies in the improper assignment of permissions to critical resources, allowing attackers to increase their privileges.
The vulnerability of the Rancher Manager software for managing Kubernetes clusters is related to the improper assignment of permissions to critical resources. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
CVE-2024-56514
Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTPs URL to retrieve the custom resourc...
CVE-2024-56513
Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the karmadactl register command have excessive privileges to access control plane resources...