Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/28 3:47 p.m.6 views

CVE-2026-41185

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6CVSS5.8AI score0.00323EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/28 3:47 p.m.29 views

CVE-2026-41184 ServiceAccount token disclosure via install-cni container logs

In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the SERVICEACCOUNTTOKEN placeholder Canal/Flannel-Calico deployments, the installer substitutes the live Kubernetes ServiceAccount bearer token before logging,...

6CVSS0.00504EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.10 views

PT-2026-44410

Name of the Vulnerable Software and Affected Versions Calico affected versions not specified Description When configured with the Azure IPAM plugin, the Calico CNI binary modifies the incoming CNI configuration to include subnet information before passing it to the IPAM plugin. The Azure IPAM...

6.5CVSS5.5AI score0.00323EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/12/21 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4593-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.6AI score0.01525EPSS
Exploits0References4
Veracode
Veracode
added 2021/02/08 6:36 a.m.22 views

Arbitrary Path Injection

github.com/containernetworking/cni is vulnerable to arbitrary path injection. A user is be able to change the type: field in a CNI configuration to an arbitrary path and could execute arbitrary binaries on a host...

7.2CVSS2.8AI score0.01525EPSS
Exploits0References2Affected Software4
Rows per page
Query Builder