CVE-2026-40868 kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header...
Kyverno security vulnerability
Kyverno is an open-source policy engine for Kubernetes developed by the Kyverno project. Versions of Kyverno prior to 1.16.4 contain a security vulnerability. The flaw stems from the apiCall servicecall helper implicitly injecting an authorization token, which could lead to the...
tar-fs security vulnerability
tar-fs is a tar-stream file system bundle. A security vulnerability exists in tar-fs versions prior to 1.16.4, prior to 2.1.2, and prior to 3.0.8; it originates from path traversal when extracting a malicious tar file...
PT-2022-26513 · Osticket · Osticket
Name of the Vulnerable Software and Affected Versions: osTicket versions prior to 1.16.4 Description: The issue is related to Cross-site Scripting XSS - Reflected, which was found in the GitHub repository osticket/osticket. Recommendations: For versions prior to 1.16.4, update to version 1.16.4 o...
PT-2022-13517 · Gitea +1 · Gitea +1
Name of the Vulnerable Software and Affected Versions: gitea versions prior to 1.16.4 Description: The issue concerns missing authorization in the gitea repository. This allows for improper authorization, potentially leading to unauthorized access. A patch is available as part of the 1.16.4...
DEBIAN-CVE-2021-31525
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...