CVE-2026-6437 AWS EFS CSI Driver Mount Option Injection

Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...

Amazon EFS CSI Driver 安全漏洞

The Amazon EFS CSI Driver is an open-source component developed by the Kubernetes SIGs, used for mounting AWS File Storage in Kubernetes clusters. Previous versions of the Amazon EFS CSI Driver, such as 3.0.1, contained security vulnerabilities. These vulnerabilities stemmed from improper paramet...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: telegraf, apisix-ingress-controller, kine, atlantis, kots, dgraph, crossplane-provider-sql, kaf, wal-g, kube-state-metrics, promxy, cluster-autoscaler, kafka-proxy, k8sgpt-operator, memcached-exporter, migrate, cosign, fscrypt, terraform-docs, smarter-device-manager,...

CVE-2021-25743 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...

GHSA-F9JG-8P32-2F55 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...

GHSA-VV39-3W5Q-974Q vulnerabilities

Vulnerabilities for packages: rancher-webhook-fips, rancher-agent...

CVE-2024-10220 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips, kubernetes-dns-node-cache, ip-masq-agent, nodetaint, aws-efs-csi-driver, rancher-webhook-fips, argocd-image-updater-fips, kubernetes-dns-node-cache-fips, local-static-provisioner, k8s-device-plugin, argocd-image-updater,...

GHSA-H7WQ-JJ8R-QM7P vulnerabilities

Vulnerabilities for packages: argocd-image-updater, aws-efs-csi-driver-fips, aws-efs-csi-driver, argocd-image-updater-fips...

GHSA-H7WQ-JJ8R-QM7P vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, argocd-image-updater...

CVE-2024-0793 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, argocd-image-updater...

CVE-2024-0793 vulnerabilities

Vulnerabilities for packages: argocd-image-updater, aws-efs-csi-driver-fips, aws-efs-csi-driver, argocd-image-updater-fips...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: skopeo, flux-source-controller, golangci-lint, grpc-health-probe-fips, crossplane-provider-gcp, wave-fips, cortex-fips, regclient, oras, spire-server, weaviate, gatekeeper, secrets-store-csi-driver-provider-gcp, prometheus-postgres-exporter, go-bindata,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: skopeo, flux-source-controller, golangci-lint, crossplane-provider-gcp, spire-server, weaviate, secrets-store-csi-driver-provider-gcp, nuclei, prometheus-postgres-exporter, prometheus-beat-exporter, influx, ip-masq-agent, dynamic-localpv-provisioner, cosign-fips, mc,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: prometheus-adapter, aws-efs-csi-driver, spark-operator, nodetaint, ip-masq-agent, kubernetes-dns-node-cache...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, aws-efs-csi-driver-fips, kubernetes-dns-node-cache, ip-masq-agent, nodetaint, prometheus-adapter, aws-efs-csi-driver, aws-ebs-csi-driver, spark-operator...

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, aws-efs-csi-driver-fips, kubernetes-dns-node-cache, ip-masq-agent, nodetaint, prometheus-adapter, aws-efs-csi-driver, aws-ebs-csi-driver, spark-operator...

GHSA-Q78C-GWQW-JCMC vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, kubeflow-pipelines...

GHSA-7FXM-F474-HF8W vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...

CVE-2023-3955 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, kubeflow-pipelines...

CVE-2023-3676 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...