4 matches found
PT-2026-50980
Name of the Vulnerable Software and Affected Versions Tilt versions 0.20.8 through 0.37.3 Description The HUD HTTP server lacks authentication for state-changing and sensitive-read endpoints. When the HUD is bound to a non-loopback address, a network attacker can trigger pre-defined Tiltfile...
CVE-2024-22032
A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled. When reconciling, the Kube API secret values are written in plaintext on the AppliedSpec. Cluster owners, Cluster members, and Project members for projects...
PT-2024-19166 · Rancher · Rancher Rke1
Name of the Vulnerable Software and Affected Versions: Rancher RKE1 versions 2.7.0 through 2.7.13 Rancher RKE1 versions 2.8.0 through 2.8.4 Description: A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled. When...
SUSE Rancher K3s Security Vulnerability
SUSE Rancher K3s is a CNCF sandboxing project from SUSE Germany that provides a lightweight but powerful certified Kubernetes distribution. A security vulnerability exists in SUSE Rancher K3s that stems from a resource allocation error issue that allows an attacker to access the...