Exposure of Resource to Wrong Sphere

Overview Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere in the CAProvider configuration process for SecretStore resources when resolving ConfigMaps across namespaces. An attacker can access CA material from another namespace by specifying the...

Kubernetes Configuration Detected

Kubernetes is an open-source container orchestration platform used to automate the deployment, scaling, and management of containerized applications. Kubernetes configuration files, such as YAML manifests, define resources like Deployments, Services, ConfigMaps, and Secrets.\n\nWhen exposed with...

AZL-67049 CVE-2025-9566 affecting package podman 5.6.1-7

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

PT-2022-16424 · Red Hat · Openshift Container Platform

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform affected versions not specified Description: A credentials leak was found in the OpenShift Container Platform, where the private key for the external cluster certificate was stored incorrectly in the...