5 matches found
CVE-2025-2786
creationtimestamp| type| source ---|---|--- 2025-04-02 12:56:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lltgrtolbw2x 2025-04-02 14:58:56+00:00| seen| https://t.me/cvedetector/21854...
CVE-2025-2786
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...
CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...
CVE-2025-2786
CVE-2025-2786 affects Grafana Tempo Operator. A flaw during TempoStack/TempoMonolithic deployment creates a ServiceAccount, ClusterRole, and ClusterRoleBinding, enabling a user with full access to their namespace to extract the ServiceAccount token and use TokenReview and SubjectAccessReview requ...
CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...