Lucene search
K

4 matches found

Veracode
Veracode
added 2025/11/11 6:55 a.m.6 views

Code Injection

Gardener Extensions is vulnerable to Code Injection. The vulnerability is due to improper handling of user-controlled input in Terraformer-based infrastructure provisioning across AWS, Azure, OpenStack, and GCP providers, which allows an attacker with administrative privileges in a Gardener proje...

9.9CVSS7.4AI score0.00477EPSS
Exploits0References11Affected Software4
Snyk
Snyk
added 2025/09/25 4:39 p.m.1 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the Terraformer process. An attacker can execute arbitrary code with elevated privileges by injecting malicious Terraform configurations during infrastructure provisioning. Note: This is only exploitable if ...

9.9CVSS8.1AI score0.00477EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/25 4:39 p.m.3 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the Terraformer process. An attacker can execute arbitrary code with elevated privileges by injecting malicious Terraform configurations during infrastructure provisioning. Note: This is only exploitable if ...

9.9CVSS8.1AI score0.00477EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/25 4:39 p.m.1 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the Terraformer process. An attacker can execute arbitrary code with elevated privileges by injecting malicious Terraform configurations during infrastructure provisioning. Note: This is only exploitable if ...

9.9CVSS8.1AI score0.00477EPSS
Exploits0References3
Rows per page
Query Builder