Lucene search
K

9 matches found

EUVD
EUVD
added yesterday9 views

EUVD-2026-36096

Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook...

7.7CVSS5.8AI score0.00265EPSS
Exploits0References5
NVD
NVD
added 2026/06/10 6:17 p.m.13 views

CVE-2026-49823

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS0.00265EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:23 p.m.9 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:23 p.m.20 views

CVE-2026-49823

Summary : CVE-2026-49823 affects Fission (Kubernetes-native serverless framework). Before version 1.24.0, the PackageRef.Namespace in a Fission Function spec was not validated by the admission webhook (unlike Secret/ConfigMap). This allowed cross-namespace access via an unvalidated Package refere...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

Fission 访问控制错误漏洞

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contained a access control vulnerability. This vulnerability stemmed from the lack of namespace validation using the access webhook in the Fission Function specification for...

7.7CVSS5.3AI score0.00265EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48505

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description An issue exists in the Fission serverless framework where the admission webhook fails to validate the namespace for the PackageRef.Namespace reference type. While Secret and ConfigMap reference type...

7.7CVSS5.5AI score0.00265EPSS
Exploits0References10
Snyk
Snyk
added 2026/01/08 5:20 a.m.1 views

Malicious Package

Overview shaktihacker2026 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-8550 Malicious code in @malware-test-chiao-tikka-kicks-betel/test-mlw3-chiao-tikka-kicks-betel (npm)

The package @malware-test-chiao-tikka-kicks-betel/test-mlw3-chiao-tikka-kicks-betel was found to contain malicious code...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2009/06/03 12:0 a.m.27 views

Solaris Update for telnet 119433-01

Check for the Version of telnet OpenVAS Vulnerability Test Solaris Update for telnet 119433-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

7.5CVSS0.1AI score0.27073EPSS
Exploits0References2
Rows per page
Query Builder