Lucene search
K

35 matches found

Chainguard
Chainguard
added 2025/12/05 1:28 a.m.9 views

GHSA-7C64-F9JR-V9H2 vulnerabilities

Vulnerabilities for packages: image-factory-fips, spicedb-operator, knative-serving, rancher-system-upgrade-controller, crossplane-provider-kubernetes-fips, gitlab-cng, quic-go-fips, src-fingerprint, envoy-gateway-fips, pdfcpu, vertical-pod-autoscaler-fips, gobump, rancher-telemetry, nri-couchbas...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-12223

Malicious code in bioql PyPI...

6.9CVSS3.6AI score0.0054EPSS
Exploits0References4
Veracode
Veracode
added 2025/04/28 7:58 a.m.8 views

Token Leakage

github.com/minio/operator is vulnerable to Token Leakage. The vulnerability is due to improper audience scoping of the defaulting of spec.audiences to the Kubernetes apiserver without proper restrictions, allowing tokens to be replayed to other internal systems...

6.9CVSS6.6AI score0.0054EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/26 12:1 a.m.7 views

CVE-2025-32963

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS6.8AI score0.0054EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/24 3:24 a.m.4 views

SUSE CVE-2025-32963

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS6.9AI score0.0054EPSS
Exploits0References3
NVD
NVD
added 2025/04/22 6:16 p.m.13 views

CVE-2025-32963

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS0.0054EPSS
Exploits0References3
OSV
OSV
added 2025/04/22 6:14 p.m.8 views

GO-2025-3637 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS in github.com/minio/operator

Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS in github.com/minio/operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

6.9CVSS6.3AI score0.0054EPSS
Exploits0References2
CVE
CVE
added 2025/04/22 5:14 p.m.76 views

CVE-2025-32963

MinIO Operator STS (Kubernetes IAM) flaw: before v7.1.0, the spec.audiences default could be the Kubernetes API server, allowing replay to internal systems. Root cause: unscoped audiences enable trust beyond intended scope. Impact: tokens could be replayed to other components; mitigated only by p...

6.9CVSS6.5AI score0.0054EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/22 5:14 p.m.26 views

CVE-2025-32963 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS0.0054EPSS
Exploits0References3
OSV
OSV
added 2025/04/22 5:14 p.m.8 views

CVE-2025-32963 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS4AI score0.0054EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/04/22 5:14 p.m.10 views

CVE-2025-32963 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS7.1AI score0.0054EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.5 views

MinIO Operator 安全漏洞

MinIO Operator is a simple Kubernetes operator for MinIO clusters from MinIO. A security vulnerability exists in MinIO Operator versions prior to 7.1.0, which stems from the failure to provide an audiences field, which could result in tokens being replayed...

6.9CVSS3.8AI score0.0054EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/04/21 10:51 p.m.32 views

Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

Prevent token leakage / privilege escalation MinIO Operator STS: A Quick Overview MinIO Operator STS is a native IAM Authentication for Kubernetes. MinIO Operator offers support for Secure Tokens a.k.a. STS which are a form of temporary access credentials for your MinIO Tenant. In essence, this...

6.9CVSS7.8AI score0.0054EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/04/21 10:51 p.m.13 views

GHSA-7M6V-Q233-Q9J9 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

Prevent token leakage / privilege escalation MinIO Operator STS: A Quick Overview MinIO Operator STS is a native IAM Authentication for Kubernetes. MinIO Operator offers support for Secure Tokens a.k.a. STS which are a form of temporary access credentials for your MinIO Tenant. In essence, this...

6.9CVSS7.6AI score0.0054EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/21 12:0 a.m.5 views

PT-2025-17524 · Minio · Minio Operator

Name of the Vulnerable Software and Affected Versions: MinIO Operator versions prior to 7.1.0 Description: The issue concerns the MinIO Operator STS, a native IAM Authentication for Kubernetes. Without proper scoping, authentication can be replayed to other internal systems that may unintentional...

9.9CVSS4.7AI score0.00955EPSS
Exploits1References39
Rows per page
Query Builder