Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0257

Malicious code in bioql PyPI...

6.8CVSS6.5AI score0.00288EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/24 12:0 a.m.13 views

PT-2025-12664 · Kyverno · Kyverno

Name of the Vulnerable Software and Affected Versions: Kyverno versions prior to 1.14.0-alpha.1 Description: Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores the subjectRegExp and issuerRegExp fields when verifying...

9.8CVSS7.1AI score0.99098EPSS
Exploits23References48
OSV
OSV
added 2024/08/20 8:31 p.m.13 views

GO-2023-1829 Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notation

Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notation...

5.7CVSS5.3AI score0.00506EPSS
Exploits0References4
CVE
CVE
added 2024/01/19 10:19 p.m.35 views

CVE-2024-23332

CVE-2024-23332 affects the Notary Project: client configurations using permissive trust policies can enable rollback attacks if a compromised registry serves outdated artifacts. The connected sources describe that artifact publishers can set signature expiry and revoke certificates to keep artifa...

6.8CVSS6.6AI score0.00288EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2023/06/06 4:43 p.m.10 views

Notation vulnerable to denial of service from high number of artifact signatures

Impact An attacker who controls or compromises a registry can make the registry serve an infinite number of signatures for the artifact, causing a denial of service to the host machine running notation verify. Patches The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade the...

5.7CVSS6.6AI score0.00506EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder