11 matches found

Wolfi
added 2026/04/11 2:51 a.m., 7 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: metacontroller, tailscale, secrets-store-csi-driver-provider-aws, nfs-subdir-external-provisioner, nodetaint, polaris, fluxcd-kustomize-mutating-webhook, goreleaser, osv-scanner, dbmate, github-mcp-server, grafana-rollout-operator, oras, smarter-device-manager, dgrap...

AI score: 5.8 | Exploits: 0

EUVD
added 2026/03/30 6:31 p.m., 3 views

EUVD-2026-17133

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS: 7.6 | AI score: 6 | EPSS: 0.00268 | Exploits: 1 | References: 3

CNNVD
added 2026/03/30 12:0 a.m., 7 views

KubePlus Security Vulnerability

KubePlus is a Kubernetes multi-tenant application management platform developed by cloud-ark. KubePlus 4.1.4 contains security vulnerabilities, which stem from server-side request forgery and command injection during the processing of the chartURL field by the mutating webhook and...

CVSS: 7.6 | AI score: 5.8 | EPSS: 0.00268 | Exploits: 1 | References: 3

CVE
added 2026/03/30 12:0 a.m., 9 views

CVE-2026-29954

CVE-2026-29954 affects KubePlus 4.1.4, specifically the mutating webhook and kubeconfiggenerator. The vulnerability arises when processing the chartURL field of ResourceComposition resources: the value is only URL-encoded and not validated, enabling SSRF. More critically, kubeconfiggenerator conc...

CVSS: 7.6 | AI score: 6 | EPSS: 0.00268 | Exploits: 1 | References: 2 | Affected Software: 1

ATTACKERKB
added 2026/03/30 12:0 a.m., 1 views

CVE-2026-29954

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS: 7.6 | AI score: 6 | EPSS: 0.00268 | Exploits: 1 | References: 3

Wolfi
added 2025/08/09 1:47 p.m., 29 views

CVE-2025-47907 vulnerabilities

Vulnerabilities for packages: gomplate, step-ca, k8sgpt, fuse-overlayfs-snapshotter, amazon-cloudwatch-agent, aws-eks-pod-identity-agent, cilium-cli, crossplane-provider-azure-storage, yunikorn-web, rook, aws-load-balancer-controller, jitsucom-bulker, prometheus-operator, keda, aws-flb-cloudwatch...

CVSS: 7 | AI score: 6.7 | EPSS: 0.00331 | Exploits: 0

OSV
added 2024/04/30 9:39 a.m., 20 views

GHSA-2CGQ-H8XW-2V5J CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

CVSS: 7.2 | AI score: 7.1 | EPSS: 0.01418 | Exploits: 0 | References: 7

Github Security Blog
added 2024/04/30 9:39 a.m., 36 views

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

CVSS: 7.2 | AI score: 7.2 | EPSS: 0.01418 | Exploits: 0 | References: 7 | Affected Software: 1

Veracode
added 2021/09/21 7:22 a.m., 23 views

Information Disclosure

github.com/kubernetes/kubernetes is vulnerable to information disclosure and malicious redirection. If --profiling is enabled on the kube-apiserver, an attacker with control over a validating or mutating webhook is able to access the kube-apiserver process logs and is able to redirect...

CVSS: 4.1 | AI score: 4.2 | EPSS: 0.01953 | Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2021/09/20 5:15 p.m., 3 views

DEBIAN-CVE-2020-8561

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

CVSS: 4.1 | AI score: 5 | EPSS: 0.01953 | Exploits: 0 | References: 1

OSV
added 2021/09/20 5:15 p.m., 2 views

UBUNTU-CVE-2020-8561

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

CVSS: 4.1 | AI score: 6.6 | EPSS: 0.01953 | Exploits: 0 | References: 3