Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2025/07/04 2:37 p.m.1 views

SUSE CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS8.3AI score0.00323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/06 6:21 a.m.5 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS8AI score0.00323EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/06/04 6:30 a.m.11 views

kro Confused Deputy vulnerability

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS7.9AI score0.00323EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/04 5:50 a.m.4 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS8.2AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 2025/06/04 5:50 a.m.54 views

CVE-2025-48710

CVE-2025-48710 affects kro (Kube Resource Orchestrator) with affected version 0.1.0 up to before 0.2.1. The issue stems from users who can create or modify ResourceGraphDefinition resources being able to supply arbitrary container images, enabling a confused-deputy scenario where kro controllers ...

4.1CVSS8.1AI score0.00323EPSS
Exploits0References2
Rows per page
Query Builder