GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: sqlexporter, glow, openbao-fips, gpu-operator, docker-cli-fips, buildkitd, cass-operator, spark-operator-fips, vault-csi-provider, gosu, velero, external-secrets-operator, helm-fips, authservice, kubernetes-fips, docker-credential-gcr,...
GHSA-62JJ-GR2R-5C34 vulnerabilities
Vulnerabilities for packages: glow, localstack, gpu-operator, docker-cli-fips, buildkitd, cass-operator, fzf, spark-operator-fips, vault-csi-provider, terraform-docs, gosu, kaniko-fips, velero, kuberay-operator, external-secrets-operator, libnvidia-container, nfs-subdir-external-provisioner-fips,...
GHSA-W32M-9786-JP63 vulnerabilities
Vulnerabilities for packages: cloudflared, step-ca, falcosidekick, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, prometheus-adapter, slsa-verifier, yq, gh, crossplane-provider-aws-elasticache, envoy-gateway, secrets-store-csi-driver,...
GO-2024-3212 AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers in sigs.k8s.io/aws-load-balancer-controller
AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers in sigs.k8s.io/aws-load-balancer-controller. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module...
AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers
Summary: The AWS Load Balancer Controller includes an optional, default-enabled feature that manages WAF WebACLs on Application Load Balancers (ALBs) on your behalf. In versions 2.8.1 and earlier, if the WebACL annotation 1 alb.ingress.kubernetes.io/wafv2-acl-arn or...
GHSA-RJFV-PJVX-MJGV AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers
Summary: The AWS Load Balancer Controller includes an optional, default-enabled feature that manages WAF WebACLs on Application Load Balancers (ALBs) on your behalf. In versions 2.8.1 and earlier, if the WebACL annotation 1 alb.ingress.kubernetes.io/wafv2-acl-arn or...
Important: Red Hat Enhancement Advisory: Release of AWS Load Balancer Operator 1.1.z on OperatorHub
Release of AWS Load Balancer Operator 1.1.z Release of OpenShift AWS Load Balancer Operator 1.1.z...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: prometheus-pushgateway-fips, k8sgpt-operator, aws-load-balancer-controller, buildkitd, prometheus-bind-exporter, coredns, prometheus-postgres-exporter, falcoctl-fips, thanos-operator, vault-csi-provider, external-secrets-operator, nfs-subdir-external-provisioner-fips...
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: prometheus-pushgateway-fips, k8sgpt-operator, aws-load-balancer-controller, buildkitd, prometheus-bind-exporter, coredns, prometheus-postgres-exporter, falcoctl-fips, thanos-operator, vault-csi-provider, external-secrets-operator, nfs-subdir-external-provisioner-fips...
GHSA-R25M-CR6V-P9HQ ethyca-fides Webserver API Path Traversal vulnerability
Impact: A path traversal (directory traversal) vulnerability affects fides versions lower than 2.15.1, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. Patches: The vulnerability is patched in fides 2.15.1. Users should upgrade to this version...
Path traversal
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version 2.15.1, allowing...
Kubernetes: AWS Load Balancer Controller can be used by an attacker to modify rules of any Security Group that they are able to tag
Report Submission Form Summary: The IAM Policy of AWS Load Balancer Controller allows it to modify rules of any SG on the AWS Account. This is legitimately used to manage Security Groups created by the controller when an Ingress resource doesn’t explicitly specify an SG. Annotations can be added to the...
Kubernetes: AWS Load Balancer Controller Managed Security Groups can be replaced by an unprivileged attacker
Report Submission Form Summary: When creating an Ingress of class alb, by default, AWS Load Balancer Controller creates a managed SG and attaches it to the created ALB. This SG limits which ports of the ALB are accessible by whom. An attacker is able to craft another SG that can be used to trick...