2 matches found
CVE-2022-24829
Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api...
CVE-2022-24829
CVE-2022-24829 affects Garden, an automation platform for Kubernetes development and testing. In versions before 0.12.39, multiple endpoints did not require authentication, with the configuration exposed via the local /api endpoint on a server bound to 0.0.0.0, making it accessible on the network...