EUVD-2022-1057

Malicious code in bioql PyPI...

SUSE CVE-2020-8569

Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...

NULL Pointer Dereference in Kubernetes CSI snapshot-controller

Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...

GHSA-HWRR-RHMM-VCVF NULL Pointer Dereference in Kubernetes CSI snapshot-controller

Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...

CVE-2020-8569

Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...

CVE-2020-8569

CVE-2020-8569 affects the Kubernetes CSI external snapshot-controller when processing a VolumeSnapshot CR that references a non-existent PersistentVolumeClaim and lacks a VolumeSnapshotClass. The root cause is a NULL pointer dereference which can cause the snapshot-controller to crash and, after ...

CVE-2020-8569 Kubernetes CSI snapshot-controller DoS

Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...

CVE-2020-8569

A flaw was found in the Kubernetes snapshot-controller, where it is vulnerable to a denial of service attack via authorized API requests. The snapshot-controller can dereference a NULL pointer when processing a VolumeSnapshot custom resource via an authorized API request with invalid references t...

Kubernetes: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC

Report Submission Form I was asked by Kubernetes Product Security and H1 Employee @turtleshell to open a new report with the same details as report 995699. Summary: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC Kubernetes Version: 1.19 Component Version:...

Kubernetes: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC

Report Submission Form Summary: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC Kubernetes Version: 1.19 Component Version: snapshot-controller from external-snapshotter repo ver 3.0.0 https://github.com/kubernetes-csi/external-snapshotter/releases/tag/v3.0.0...