
5 matches found

Github Security Blog
added 2026/03/30 9:31 p.m. | 8 views

Duplicate Advisory: Kyverno is vulnerable to server-side request forgery (SSRF)

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-rggm-jjmc-3394. This link is maintained to preserve external references. Original Description: Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00705
Exploits: 0 | References: 7 | Affected Software: 1
CVE
added 2026/03/30 8:44 p.m. | 42 views

CVE-2026-4789

CVE-2026-4789: Kyverno versions >=1.16.0 are vulnerable to SSRF via the CEL HTTP library used in CEL-based policies. The issue stems from the http.Get/http.Post functions in pkg/cel/libs/http/http.go not enforcing URL restrictions, enabling an attacker with namespace-scoped policy creation pe...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.00705
Exploits: 0 | References: 4 | Affected Software: 1
Positive Technologies
added 2026/03/30 12:0 a.m. | 3 views

PT-2026-29129

Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.16.0 and later. Description: Kyverno is susceptible to Server-Side Request Forgery (SSRF) because of unrestricted Common Expression Language (CEL) HTTP functions. Recommendations: Update to a newer version that contains a fix for...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.00705
Exploits: 0 | References: 19
OSV
added 2024/11/01 3:15 p.m. | 3 views

CVE-2024-38769

Missing Authorization vulnerability in Tyche Softwares Arconix Shortcodes allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Arconix Shortcodes: from n/a through 2.1.11...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00371
Exploits: 0 | References: 1
Vulnrichment
added 2022/12/25 12:0 a.m. | 7 views

CVE-2022-45891

Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList)...

AI score: 7.3 | EPSS: 0.00723
Exploits: 3 | References: 1