Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-1122

Malicious code in bioql PyPI...

6CVSS5.2AI score0.00902EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2024/06/04 1:11 p.m.3 views

SUSE CVE-2020-13597

Clusters using Calico version 3.14.0 and below, Calico Enterprise version 2.8.2 and below, may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node's IPv6 interface due to the node accepting route...

6CVSS4.8AI score0.00902EPSS
Exploits0References3
NVD
NVD
added 2024/04/29 11:15 p.m.25 views

CVE-2024-33522

In vulnerable versions of Calico v3.27.2 and below, Calico Enterprise v3.19.0-1, v3.18.1, v3.17.3 and below, and Calico Cloud v19.2.0 and below, an attacker who has local access to the Kubernetes node, can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. T...

6.7CVSS6.7AI score0.0022EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.4 views

Calico 安全漏洞

Tigera Calico is an open source cybersecurity solution for container, virtual machine, and host workloads from Tigera USA. A security vulnerability exists in Calico, Calico Enterprise, and Calico Cloud. An attacker could exploit the vulnerability to execute arbitrary binaries with elevated...

6.7CVSS7.2AI score0.0022EPSS
Exploits0References5
NVD
NVD
added 2023/11/06 4:15 p.m.29 views

CVE-2023-41378

In certain conditions for Calico Typha v3.26.2, v3.25.1 and below, and Calico Enterprise Typha v3.17.1, v3.16.3, v3.15.3 and below, a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake call is performed inside the main server...

7.5CVSS7.5AI score0.00723EPSS
Exploits0References3
Prion
Prion
added 2023/11/06 4:15 p.m.21 views

Design/Logic Flaw

In certain conditions for Calico Typha v3.26.2, v3.25.1 and below, and Calico Enterprise Typha v3.17.1, v3.16.3, v3.15.3 and below, a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake call is performed inside the main server...

5CVSS7AI score0.00723EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2023/11/06 3:0 p.m.115 views

CVE-2023-41378

The CVE-2023-41378 issue affects Calico Typha (v3.26.2, v3.25.1 and below) and Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 and below). The vulnerability arises because the TLS Handshake() is performed inside the main server loop without a timeout, allowing an unclean TLS handshake to block...

7.5CVSS7.3AI score0.00723EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2022/06/06 6:15 p.m.5 views

CVE-2022-28224

Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...

5.5CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2022/06/06 6:15 p.m.17 views

Input validation

Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...

5.5CVSS7.1AI score0.00562EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2022/06/06 5:19 p.m.28 views

CVE-2022-28224 Calico and Calico Enterprise may be vulnerable to route hijacking with the floating IP feature

Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...

5.5CVSS6.5AI score0.00562EPSS
Exploits0References1
CVE
CVE
added 2022/06/06 5:19 p.m.95 views

CVE-2022-28224

CVE-2022-28224 affects Calico across clusters using Calico ≤ 3.22.1 and Calico Enterprise ≤ 3.12.0. The issue allows a privileged attacker to set a floating IP annotation on a pod without the feature being enabled, due to insufficient validation, potentially intercepting and rerouting traffic to ...

5.5CVSS5.5AI score0.00562EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2022/06/06 12:0 a.m.4 views

Tigera Calico 输入验证错误漏洞

Tigera Calico is an open source network security solution for container, virtual machine and host workloads from US-based Tigera. A security vulnerability exists in Tigera Calico version 3.22.1 and earlier, and Calico Enterprise version 3.12.0 and earlier, which stems from vulnerability to route...

5.5CVSS7AI score0.00562EPSS
Exploits0References2
NVD
NVD
added 2020/06/03 5:15 p.m.23 views

CVE-2020-13597

Clusters using Calico version 3.14.0 and below, Calico Enterprise version 2.8.2 and below, may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route...

6CVSS6AI score0.00902EPSS
Exploits0References3
Prion
Prion
added 2020/06/03 5:15 p.m.21 views

Information disclosure

Clusters using Calico version 3.14.0 and below, Calico Enterprise version 2.8.2 and below, may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route...

2.1CVSS4.2AI score0.00902EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/06/03 4:44 p.m.73 views

CVE-2020-13597

Calico and Calico Enterprise clusters are affected (Calico ≤ 3.14.0; Calico Enterprise ≤ 2.8.2). The root cause is improper validation of IPv6 router advertisements, allowing a compromised privileged pod to reconfigure the node’s IPv6 interface because the node accepts route advertisements by def...

6CVSS4.3AI score0.00902EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder