Lucene search
K

8 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-362 Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering

Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like securityContext and inject multi-document YAML to create additional unintended Kubernetes resources. Details The server interpolates...

10CVSS6.3AI score0.00062EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-364 Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score0.0086EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.13 views

PT-2026-46096

Summary The environment variables KERNEL XXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.21 views

PT-2026-46126

Name of the Vulnerable Software and Affected Versions jupyter enterprise gateway versions prior to 3.3.0 Description Unsafe Jinja2 template rendering allows for Kubernetes manifest injection. The server interpolates untrusted environment variables such as KERNEL XXX into Kubernetes manifests...

10CVSS6.3AI score0.00062EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-46091

Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like securityContext and inject multi-document YAML to create additional unintended Kubernetes resources. Details The server interpolates...

10CVSS6.2AI score
Exploits0References3
Veracode
Veracode
added 2025/09/08 9:4 a.m.5 views

Directory Traversal

github.com/containers/podman is vulnerable to Directory Traversal.The vulnerability is due to a lack of symlink canonicalization and host-path validation; this allows an attacker who supplies a malicious Kubernetes YAML to cause podman to write the ConfigMap/Secret data contents are defined by th...

8.1CVSS7.1AI score0.01008EPSS
Exploits0References35Affected Software4
GithubExploit
GithubExploit
added 2024/04/02 8:7 p.m.94 views

Exploit for Embedded Malicious Code in Tukaani Xz

xzk8s !Docker Pulls xzk8shttps://img.shields.io/docker/pul...

10CVSS9.7AI score0.85974EPSS
Exploits40
Wallarm Lab
Wallarm Lab
added 2020/08/17 10:25 p.m.24 views

10 minutes to secure your Kubernetes application without giving up on customization: Wallarm WAF as a sidecar container with plain Kubernetes manifests

In this series’ previous article, we added the AI-powered Wallarm WAF to our Helm chart bundled application as a sidecar container. As you can see, 10 minutes is the time we need to stop worrying about rules, lists, and attacks, and start focusing on performance, optimization, and deployment. As...

0.6AI score
Exploits0
Rows per page
Query Builder