Lucene search
K

4 matches found

OSV
OSV
added 2026/05/21 8:16 p.m.8 views

GHSA-85G2-PMRX-R49Q Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide secret / configmap read

Summary Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted namespace-wide get on secrets and configmaps it needs that to load function code, env vars, and config. The runtime pod's automounted token was reachable from...

8.7CVSS5.8AI score0.00276EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/21 8:16 p.m.26 views

Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide secret / configmap read

Summary Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted namespace-wide get on secrets and configmaps it needs that to load function code, env vars, and config. The runtime pod's automounted token was reachable from...

8.7CVSS5.8AI score0.00276EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42687

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.23.0 Description Runtime pods were configured with the fission-fetcher ServiceAccount, which possesses namespace-wide get permissions for secrets and configmaps. Because the service account token was automounted and...

8.7CVSS5.9AI score0.00276EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42606

Summary Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted namespace-wide get on secrets and configmaps it needs that to load function code, env vars, and config. The runtime pod's automounted token was reachable from...

5.8AI score
Exploits0References5
Rows per page
Query Builder