42 matches found
CVE-2026-41185
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...
CVE-2026-41185 ServiceAccount token disclosure via Azure IPAM CNI plugin logs
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...
CVE-2026-41185 ServiceAccount token disclosure via Azure IPAM CNI plugin logs
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...
EUVD-2026-32933
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...
Tigera Calico 安全漏洞
Tigera Calico is an open-source network security solution developed by the American company Tigera, designed for container, virtual machine, and host workloads. Tigera Calico has a security vulnerability, which stems from the Azure IPAM plugin recording unencrypted configuration mappings in logs...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: dbmate, cert-manager, thanos-operator, infinispan-operator, aws-eks-pod-identity-agent, podinfo, rancher-fleet, incert, src-fingerprint, vault-k8s, timoni, mc, timescaledb-parallel-copy, hcloud, sftpgo-plugin-eventsearch, dive, terraform-docs, opa-envoy,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: dbmate, cert-manager, thanos-operator, infinispan-operator, aws-eks-pod-identity-agent, podinfo, rancher-fleet, incert, src-fingerprint, vault-k8s, timoni, amazon-k8s-cni, mc, timescaledb-parallel-copy, hcloud, sftpgo-plugin-eventsearch, dive, terraform-docs,...
CVE-2025-67499 vulnerabilities
Vulnerabilities for packages: flannel, docker-fips, multus-cni-fips, istio, calico, rootlesskit-fips, flannel-fips, nerdctl, amazon-k8s-cni-fips, buildah, containerd-fips, rke2-runtime, azure-ipam, multus-cni, rootlesskit, kuma, podman, containerd, nerdctl-fips, istio-fips, buildkitd, k3s,...
GHSA-JV3W-X3R3-G6RM vulnerabilities
Vulnerabilities for packages: flannel, docker-fips, multus-cni-fips, istio, calico, rootlesskit-fips, flannel-fips, nerdctl, amazon-k8s-cni-fips, buildah, containerd-fips, rke2-runtime, azure-ipam, multus-cni, rootlesskit, kuma, podman, containerd, nerdctl-fips, istio-fips, buildkitd, k3s,...
CVE-2025-67499 vulnerabilities
Vulnerabilities for packages: istio, flannel, rootlesskit, kuma, buildah, buildkitd, nerdctl, azure-ipam, docker, k3s, calico, containerd, datadog-agent, multus-cni, podman...
GHSA-JV3W-X3R3-G6RM vulnerabilities
Vulnerabilities for packages: istio, flannel, rootlesskit, kuma, buildah, buildkitd, nerdctl, azure-ipam, docker, k3s, calico, containerd, datadog-agent, multus-cni, podman...
GHSA-WCW9-47FP-RRFR vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
CVE-2025-58189 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
GHSA-JWMF-CHVC-RF92 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
GHSA-RJCG-56PH-3QVG vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
GHSA-HJX7-FPXX-MJ48 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
GHSA-447V-2QG4-H8HC vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
CVE-2025-61724 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
CVE-2025-61723 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...
CVE-2025-47912 vulnerabilities
Vulnerabilities for packages: licenseclassifier, dbmate, pgpool2exporter, step-kms-plugin, cert-manager, bazelisk, modelmesh-runtime-adapter, petname, thanos-operator, policy-controller, falcosidekick, infinispan-operator, helm-mapkubeapis, stakater-reloader, podinfo, manifest-tool,...