Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6528

Malicious code in bioql PyPI...

6.5CVSS8.1AI score0.00169EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-2846

Malicious code in bioql PyPI...

4.9CVSS5.1AI score0.00574EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2025/04/23 5:51 a.m.16 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.39 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2025/03/20 3:27 a.m.3 views

SUSE CVE-2025-29781

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS6.8AI score0.00169EPSS
Exploits0References2
OSV
OSV
added 2025/03/18 6:14 p.m.9 views

GO-2025-3530 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis

Bare Metal Operator BMO can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis...

6.5CVSS6.8AI score0.00169EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/03/17 11:49 p.m.11 views

CVE-2025-29781

A flaw was found in the Bare Metal Operator BMO Kubernetes API component. BMO enables users to load Secrets from arbitrary namespaces upon deployment of the namespace-scoped Custom Resource BMCEventSubscription. In affected versions, an adversary using a Kubernetes account with only namespace lev...

8.2CVSS6.4AI score0.00169EPSS
Exploits0References8
NVD
NVD
added 2025/03/17 10:15 p.m.16 views

CVE-2025-29781

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS0.00169EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/17 9:37 p.m.20 views

CVE-2025-29781 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS0.00169EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/03/17 9:37 p.m.9 views

CVE-2025-29781 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS6.8AI score0.00169EPSS
Exploits0References5
CVE
CVE
added 2025/03/17 9:37 p.m.196 views

CVE-2025-29781

The connected IBM security bulletin confirms CVE-2025-29781 in Bare Metal Operator (BMO) for Kubernetes/Metal3. Before patch releases v0.9.1 and v0.8.1, a namespace-scoped attacker could cause Secret leakage by loading Secrets from unauthorized namespaces when deploying BMCEventSubscription. The ...

6.5CVSS6.4AI score0.00169EPSS
Exploits0References5
OSV
OSV
added 2025/03/17 9:37 p.m.14 views

CVE-2025-29781 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS8AI score0.00169EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/03/17 9:26 p.m.25 views

Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

Impact The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription BMCES. An adversary Kubernetes account wit...

6.5CVSS6.6AI score0.00169EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2025/03/17 9:26 p.m.9 views

GHSA-C98H-7HP9-V9HQ Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

Impact The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription BMCES. An adversary Kubernetes account wit...

6.5CVSS6.3AI score0.00169EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.4 views

Bare Metal Operator 安全漏洞

Bare Metal Operator is a Metal3 open source application that uses the Kubernetes API to manage bare metal hosts. A security vulnerability exists in Bare Metal Operator versions prior to 0.8.1 and 0.9.1 that stems from improper access control and could lead to secret disclosure...

6.5CVSS7.9AI score0.00169EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/12/23 3:53 a.m.2 views

SUSE CVE-2024-43803

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespace of th...

4.9CVSS6.6AI score0.00574EPSS
Exploits0References4
OSV
OSV
added 2024/12/20 8:36 p.m.11 views

GO-2024-3109 The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator

The Bare Metal Operator BMO can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator...

4.9CVSS5.3AI score0.00574EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/09/24 3:28 p.m.25 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.14 security update

Red Hat OpenShift Container Platform release 4.16.14 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

8.3CVSS6.7AI score0.01279EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2024/09/04 5:40 a.m.29 views

CVE-2024-43803

A flaw was found in the Bare Metal Operator BMO. The BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for the...

4.9CVSS6.5AI score0.00574EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2024/09/03 8:13 p.m.25 views

The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD

Impact The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespac...

4.9CVSS6.6AI score0.00574EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/09/03 8:13 p.m.14 views

GHSA-PQFH-XH7W-7H3P The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD

Impact The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespac...

6.9CVSS5.1AI score0.00574EPSS
Exploits0References9
Rows per page
Query Builder