Lucene search
K

42 matches found

Cvelist
Cvelist
added 2026/05/28 3:47 p.m.31 views

CVE-2026-41185 ServiceAccount token disclosure via Azure IPAM CNI plugin logs

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6CVSS0.00323EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:47 p.m.7 views

CVE-2026-41185

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6CVSS5.8AI score0.00323EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/28 3:47 p.m.11 views

EUVD-2026-32933

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6CVSS5.8AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 3:47 p.m.9 views

CVE-2026-41185 ServiceAccount token disclosure via Azure IPAM CNI plugin logs

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6CVSS5.8AI score0.00323EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Tigera Calico 安全漏洞

Tigera Calico is an open-source network security solution developed by the American company Tigera, designed for container, virtual machine, and host workloads. Tigera Calico has a security vulnerability, which stems from the Azure IPAM plugin recording unencrypted configuration mappings in logs...

6CVSS5.8AI score0.00323EPSS
Exploits0References4
Wolfi
Wolfi
added 2026/02/10 1:48 p.m.26 views

CVE-2025-68121 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, kube-logging-operator-custom-runner, crossplane-provider-aws-ec2, gke-gcloud-auth-plugin, jaeger-operator, buf, podman, terraform-provider-azuread, falco-no-driver, kube-bench, kube-logging-operator, stakater-reloader, kubeflow, crossplane...

10CVSS6.9AI score0.00765EPSS
Exploits1
Wolfi
Wolfi
added 2026/02/10 1:48 p.m.15 views

CVE-2025-61732 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, kube-logging-operator-custom-runner, crossplane-provider-aws-ec2, gke-gcloud-auth-plugin, jaeger-operator, buf, podman, terraform-provider-azuread, falco-no-driver, kube-bench, kube-logging-operator, stakater-reloader, kubeflow, crossplane...

8.6CVSS7.1AI score0.00472EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/10 7:17 p.m.6 views

CVE-2025-67499 vulnerabilities

Vulnerabilities for packages: flannel-fips, kuma, nerdctl-fips, rke2-runtime, datadog-agent-fips, calico, flannel, nerdctl, multus-cni-fips, rootlesskit, k3s, buildah, buildkitd, rootlesskit-fips, datadog-agent, calico-fips, containerd, azure-ipam, docker, containerd-fips, multus-cni, istio-fips,...

6.6CVSS6.8AI score0.00117EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/10 7:17 p.m.6 views

GHSA-JV3W-X3R3-G6RM vulnerabilities

Vulnerabilities for packages: flannel-fips, kuma, nerdctl-fips, rke2-runtime, datadog-agent-fips, calico, flannel, nerdctl, multus-cni-fips, rootlesskit, k3s, buildah, buildkitd, rootlesskit-fips, datadog-agent, calico-fips, containerd, azure-ipam, docker, containerd-fips, multus-cni, istio-fips,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/12/10 1:47 p.m.5 views

CVE-2025-67499 vulnerabilities

Vulnerabilities for packages: docker, calico, azure-ipam, datadog-agent, nerdctl, istio, rootlesskit, podman, kuma, multus-cni, flannel, k3s, buildah, containerd, buildkitd...

6.6CVSS6.8AI score0.00117EPSS
Exploits0
Wolfi
Wolfi
added 2025/12/10 1:47 p.m.4 views

GHSA-JV3W-X3R3-G6RM vulnerabilities

Vulnerabilities for packages: docker, calico, azure-ipam, datadog-agent, nerdctl, istio, rootlesskit, podman, kuma, multus-cni, flannel, k3s, buildah, containerd, buildkitd...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.9 views

GHSA-WCW9-47FP-RRFR vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.9 views

CVE-2025-58186 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.3CVSS6.7AI score0.00534EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.6 views

GHSA-7WWX-XJ66-R44X vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.7 views

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator, redpanda, s5cmd,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.30 views

CVE-2025-58185 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.3CVSS6.7AI score0.00526EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.14 views

CVE-2025-61723 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

7.5CVSS7.1AI score0.00626EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.9 views

CVE-2025-58188 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

7.5CVSS7.1AI score0.00361EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.7 views

GHSA-QH38-484V-W52X vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.8 views

GHSA-JWMF-CHVC-RF92 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, amass, http-echo, go-md2man, juicefs, litefs, rancher-helm, kube-logging-operator-custom-runner, gke-gcloud-auth-plugin, terraform-provider-azuread, metacontroller, falco-no-driver, kube-bench, opensearch-k8s-operator, kubescape-operator,...

5.9AI score
Exploits0
Rows per page
Query Builder