Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/06/06 3:18 a.m.4 views

SUSE CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it's considere...

4.3CVSS7AI score0.00282EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.11 views

CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS6.3AI score0.00282EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 5:52 p.m.10 views

GHSA-756X-M4MJ-Q96C Kubewarden-Controller information leak via AdmissionPolicyGroup Resource

Impact The policy group feature, added to by the 1.17.0 release, introduced two new types of CRD: ClusterAdmissionPolicyGroup and AdmissionPolicyGroup. The former is cluster wide, while the latter is namespaced. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluste...

4.3CVSS4.7AI score0.00282EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/01/30 5:52 p.m.32 views

Kubewarden-Controller information leak via AdmissionPolicyGroup Resource

Impact The policy group feature, added to by the 1.17.0 release, introduced two new types of CRD: ClusterAdmissionPolicyGroup and AdmissionPolicyGroup. The former is cluster wide, while the latter is namespaced. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluste...

4.3CVSS4.5AI score0.00282EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/01/30 3:39 p.m.26 views

CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS0.00282EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/30 3:39 p.m.9 views

CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS4.4AI score0.00282EPSS
Exploits0References2
CVE
CVE
added 2025/01/30 3:39 p.m.101 views

CVE-2025-24784

CVE-2025-24784 affects kubewarden-controller (AdmissionPolicyGroup CRD) in Kubewarden. The issue enables an information leak where context aware policies can—via the ServiceAccount used to run the Policy Server—list/get resources in the cluster beyond the policy’s own scope, depending on the RBAC...

4.3CVSS4.4AI score0.00282EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.8 views

PT-2025-5568 · Unknown +1 · Kubewarden-Controller +1

Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions 1.17.0 through 1.20.x Description: The issue allows an attacker to obtain information about resources that are out of their reach by leveraging a higher access to the cluster granted to the ServiceAccount token...

10CVSS6.7AI score0.02652EPSS
Exploits4References88
Rows per page
Query Builder