Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1065

Malicious code in bioql PyPI...

7CVSS6.8AI score0.00362EPSS
Exploits0References4
NVD
NVD
added 2023/03/06 7:15 p.m.16 views

CVE-2023-23939

Azure/setup-kubectl is a GitHub Action for installing Kubectl. This vulnerability only impacts versions before version 3. An insecure temporary creation of a file allows other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable. This...

7CVSS5.2AI score0.00362EPSS
Exploits0References2
CVE
CVE
added 2023/03/06 6:19 p.m.60 views

CVE-2023-23939

CVE-2023-23939 concerns the Azure/setup-kubectl GitHub Action (Kubectl installer). Affected versions prior to 3.0 suffer from insecure temporary file creation that makes the Kubectl binary world-writable, allowing any local actor on the Actions runner to replace it. The installer uses fs.chmodSyn...

7CVSS5.6AI score0.00362EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/06 6:19 p.m.7 views

CVE-2023-23939 Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lower

Azure/setup-kubectl is a GitHub Action for installing Kubectl. This vulnerability only impacts versions before version 3. An insecure temporary creation of a file allows other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable. This...

3.9CVSS7AI score0.00362EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.7 views

PT-2023-19310 · Microsoft · Azure/Setup-Kubectl

Name of the Vulnerable Software and Affected Versions: Azure/setup-kubectl versions prior to 3 Description: The issue arises from an insecure temporary creation of a file, allowing other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable...

7CVSS7AI score0.00362EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/03/06 12:0 a.m.7 views

Azure setup-kubectl 安全漏洞

setup-kubectl is a tool to install kubectl in Azure cloud. A security vulnerability exists in Azure setup-kubectl versions prior to 3.0. An attacker can escalate privileges by exploiting the vulnerability...

7CVSS7AI score0.00362EPSS
Exploits0References3
Rows per page
Query Builder