Lucene search
K

7 matches found

NVD
NVD
added 6 hours ago6 views

CVE-2026-44938

A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a Fleet-monitored...

8.8CVSS
Exploits0References2
Cvelist
Cvelist
added 7 hours ago7 views

CVE-2026-44938 Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a Fleet-monitored...

8.8CVSS
Exploits0References2
CVE
CVE
added 7 hours ago15 views

CVE-2026-44938

CVE-2026-44938 affects Fleet’s agent-side deployer, which did not filter security‑sensitive keys from namespaceLabels when applying them to a target namespace. An attacker with git push access to a Fleet-monitored repo could overwrite Pod Security Standards (PSS) enforcement labels, weakening adm...

8.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 6 days ago4 views

GHSA-864G-863M-VCVQ Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...

8.8CVSS5.8AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 6 days ago12 views

Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...

8.8CVSS5.8AI score
Exploits0References2Affected Software1
Snyk
Snyk
added 6 days ago3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the addLabelsFromOptions function. An attacker can overwrite security-sensitive namespace labels by pushing changes to a monitored repository, thereby weakening admission controls and enabling...

8.8CVSS6AI score
Exploits0References2
OSV
OSV
added 2024/05/15 12:6 p.m.22 views

BIT-CILIUM-OPERATOR-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

9CVSS8.2AI score0.0046EPSS
Exploits1References3
Rows per page
Query Builder