Lucene search
K

76 matches found

EUVD
EUVD
added 2026/06/30 6:17 p.m.12 views

EUVD-2026-36097

Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook...

8.5CVSS5.8AI score0.00223EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 6:17 p.m.4 views

GHSA-CVW6-GFVV-953Q Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook

Summary The Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace equalled the function's own namespace but performed no equivalent check on spec.environment.namespace. Details An attacker with permission to create Functions...

8.5CVSS5.8AI score0.00223EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/30 6:16 p.m.10 views

EUVD-2026-36096

Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook...

7.7CVSS5.8AI score0.00265EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 6:16 p.m.3 views

GHSA-3R8V-2XMJ-5C39 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Summary A Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by the admission webhook; PackageRef.Namespace was not. Details A tenant with functions.fission.io/create in their own namespace could set...

7.7CVSS5.8AI score0.00265EPSS
Exploits0References6
OSV
OSV
added 2026/06/30 6:15 p.m.4 views

GHSA-VJHC-CF4P-72Q4 Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration

Summary Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched Package.metadata.namespace. Details An attacker with packages.fission.io/create in their own namespace could set spec.environment.namespace to any other tenant's...

7.7CVSS5.9AI score0.00231EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/26 12:4 a.m.6 views

CVE-2026-13322

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...

3.8CVSS5.8AI score0.00098EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 6:14 p.m.4 views

GHSA-GWXR-7H77-7777 Capsule: Incomplete fix of CVE-2026-30963: singular/plural typo leaves namespaces/finalize unprotected

Summary Capsule v0.13.2 webhook rules contain namespace/finalize singular instead of namespaces/finalize plural. K8s requires plural. The finalize defense from CVE-2026-30963 fix is absent. Details PUT to /api/v1/namespaces//finalize has resource=namespaces plural. The singular rule never matches...

5.7CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2026/06/10 6:17 p.m.16 views

CVE-2026-50570

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...

8.5CVSS0.00274EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 6:17 p.m.12 views

CVE-2026-49824

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace...

8.5CVSS0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 5:34 p.m.13 views

EUVD-2026-36074

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...

8.5CVSS5.5AI score0.00274EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:34 p.m.19 views

CVE-2026-50570

Fission prior to v1.25.0 allowed tenant-created Function/Environment CRDs to request securityContext.capabilities.add: ["SYS_TIME"] despite a fixed denylist (SYS_ADMIN, NET_ADMIN, SYS_PTRACE, SYS_MODULE, DAC_READ_SEARCH, DAC_OVERRIDE). The validation/merge-layer sanitization did not block CAP_SYS...

8.5CVSS5.5AI score0.00274EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:25 p.m.28 views

CVE-2026-49824 Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace...

8.5CVSS0.00223EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:23 p.m.10 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:23 p.m.22 views

CVE-2026-49823

Summary : CVE-2026-49823 affects Fission (Kubernetes-native serverless framework). Before version 1.24.0, the PackageRef.Namespace in a Fission Function spec was not validated by the admission webhook (unlike Secret/ConfigMap). This allowed cross-namespace access via an unvalidated Package refere...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:23 p.m.31 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS0.00265EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48505

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description An issue exists in the Fission serverless framework where the admission webhook fails to validate the namespace for the PackageRef.Namespace reference type. While Secret and ConfigMap reference type...

7.7CVSS5.5AI score0.00265EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48506

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description Fission is an open-source, Kubernetes-native serverless framework used for deploying functions and applications on Kubernetes. The Function admission webhook in pkg/webhook/function.go fails to...

8.5CVSS5.8AI score0.00223EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.7 views

CVE-2026-39961

Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...

6.8CVSS5.8AI score0.00394EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 5:22 p.m.4 views

EUVD-2026-20965

Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource...

6.8CVSS5.8AI score0.00394EPSS
Exploits0References4
CVE
CVE
added 2026/04/09 5:14 p.m.19 views

CVE-2026-39961

CVE-2026-39961 (Aiven Operator) affects Aiven Operator versions 0.31.0–0.36.x. A developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any namespace. The operator reads the victim’s secret using its ClusterRole (aiven-operator-role) and writes ...

6.8CVSS5.9AI score0.00394EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder