3 matches found
GHSA-HMP7-X699-CVHQ Argo Events users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Summary: A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. Details: The EventSource and Sensor CRs allow the corresponding orchestrated pod to be customiz...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : EventSource vulnerability (USN-6082-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6082-1 advisory. It was discovered that EventSource incorrectly handled certain inputs. If a user or an automated system were tricked into...
0726react (=0.1.1), 0x0range-homebridge-homeassistant (>=1.0.0 <=1.0.1) +8937 more potentially affected by CVE-2022-1650 via eventsource (>=0.0.10 <=1.1.0)
eventsource NPM version =0.0.10, =1.0.0, =1.0.4, =1.0.0, =0.0.1, =0.1.0, =1.4.0, =1.0.3, =1.0.4, =3.0.2, =5.0.1-0 and more Source cves: CVE-2022-1650 Source advisory: OSV:GHSA-6H5X-7C5M-7CR7...