Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/06 6:21 a.m.6 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS8AI score0.00323EPSS
Exploits0References1
Circl
Circl
added 2025/06/04 6:57 a.m.15 views

CVE-2025-48710

creationtimestamp| type| source ---|---|--- 2025-06-04 06:57:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqra3vvu272s...

4.1CVSS7AI score0.00323EPSS
Exploits0References1
NVD
NVD
added 2025/06/04 6:15 a.m.11 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/04 5:50 a.m.4 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS8.2AI score0.00323EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/04 5:50 a.m.18 views

CVE-2025-48710

kro Kube Resource Orchestrator 0.1.0 before 0.2.1 allows users with permission to create or modify ResourceGraphDefinition resources to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in...

4.1CVSS0.00323EPSS
Exploits0References2
CVE
CVE
added 2025/06/04 5:50 a.m.55 views

CVE-2025-48710

CVE-2025-48710 affects kro (Kube Resource Orchestrator) with affected version 0.1.0 up to before 0.2.1. The issue stems from users who can create or modify ResourceGraphDefinition resources being able to supply arbitrary container images, enabling a confused-deputy scenario where kro controllers ...

4.1CVSS8.1AI score0.00323EPSS
Exploits0References2
Rows per page
Query Builder