Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:42 p.m.9 views

CVE-2022-24877

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS6.8AI score0.01108EPSS
Exploits0References1
CVE
CVE
added 2022/05/06 1:10 a.m.96 views

CVE-2022-24877

CVE-2022-24877 affects Flux/Open source Flux CD components: path traversal in the kustomize-controller triggered by a crafted kustomization.yaml, enabling exposure of sensitive data from the controller pod filesystem and potentially privilege escalation in multi-tenant deployments. The issue is m...

9.9CVSS8.6AI score0.01108EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2022/05/06 1:10 a.m.5 views

CVE-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS9.3AI score0.01108EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/06 1:10 a.m.30 views

CVE-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS9.6AI score0.01108EPSS
Exploits0References1
Rows per page
Query Builder