7 matches found
PT-2026-29926
Contrast BadAML injection allows arbitrary code execution in github.com/edgelesssys/contrast...
GO-2025-4078 Contrast has insecure LUKS2 persistent storage partitions may be opened and used in github.com/edgelesssys/contrast
Contrast has insecure LUKS2 persistent storage partitions may be opened and used in github.com/edgelesssys/contrast...
GO-2025-3920 Contrast leaks workload secrets to logs on INFO level in github.com/edgelesssys/contrast
Contrast leaks workload secrets to logs on INFO level in github.com/edgelesssys/contrast...
PT-2025-36645
Contrast leaks workload secrets to logs on INFO level in github.com/edgelesssys/contrast...
GO-2023-2378 Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks
Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks...
GO-2023-1583 User data in TPM attestation vulnerable to MITM in github.com/edgelesssys/constellation
User data in TPM attestation vulnerable to MITM in github.com/edgelesssys/constellation...
Firewall Bypass
github.com/edgelesssys/constellation is vulnerable to Firewall Bypass. The vulnerability is due to the world configuration which does not prevent unauthorized access to entities inside the cloud VPC to directly reach pods using their internal IP addresses...