Lucene search
+L

8 matches found

nvd
nvd
added 2026/06/04 12:16 p.m.10 views

CVE-2026-10843

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

7.2CVSS0.00328EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/04 12:4 p.m.11 views

CVE-2026-10843

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

7.2CVSS5.7AI score0.00328EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/04 12:4 p.m.9 views

CVE-2026-10843 Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

7.2CVSS5.7AI score0.00328EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/04 12:4 p.m.45 views

CVE-2026-10843 Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

7.2CVSS0.00328EPSS
Exploits0References2
cve
cve
added 2026/06/04 12:4 p.m.24 views

CVE-2026-10843

OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS allow operator credentials to have account-wide permissions for destructive actions, rather than being restricted to cluster-owned resources. This enables cross-scope impact after credential compromise. The CVE-2026-10843 entry do...

7.2CVSS5.7AI score0.00328EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/04 12:4 p.m.11 views

CVE-2026-10843

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

7.2CVSS5.8AI score0.00328EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.25 views

PT-2026-46192

Name of the Vulnerable Software and Affected Versions OpenShift Cloud Credential Operator affected versions not specified Description A flaw exists in the Mint-mode IAM policies for AWS within the OpenShift Cloud Credential Operator. Operator credentials are provisioned with account-wide scope fo...

7.2CVSS5.4AI score0.00328EPSS
Exploits0References4
code423n4
code423n4
added 2023/12/08 12:0 a.m.12 views

Usage of _safeMint in NextGenCore@_mintProcessing allows an attacker to reenter when onERC721Received is called

Lines of code Vulnerability details Impact An attacker can : Exceed the per address allowance in Fixed Price Sale, Exponential Descending Sale and Linear Descending Sale modes. Cause a loss for another user in Burn-to-Mint mode by accepting an offer when onERC721Received is triggered. Proof of...

7AI score
Exploits0
Rows per page
Query Builder