keda 安全漏洞

keda is a Kubernetes scaling software open source by KEDA. A security vulnerability exists in keda versions prior to 2.17.3 and prior to 2.18.3, which stems from insufficient path validation in TriggerAuthentication and could lead to arbitrary file reads...

AZL-71632 CVE-2025-65637 affecting package moby-compose for versions less than 2.17.3-13

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...