7 matches found
CVE-2022-39272
Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interv...
CVE-2022-39272
creationtimestamp| type| source ---|---|--- 2023-02-28 06:07:26+00:00| seen| https://t.me/cibsecurity/51955...
CVE-2022-39272
Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interv...
CVE-2022-39272 vulnerabilities
Vulnerabilities for packages: kubevela...
CVE-2022-39272 vulnerabilities
Vulnerabilities for packages: kubevela...
CVE-2022-39272 Flux2 vulnerable to Denial of Service due to Improper use of metav1.Duration
Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interv...
CVE-2022-39272
The CVE affects Flux (Flux2) prior to version 0.35.0. A DoS can occur when users with permissions to modify Flux objects provide invalid data to fields .spec.interval or .spec.timeout (and variations), causing the affected object type to stop being processed. The issue is tied to two root causes:...