37 matches found
EUVD-2026-36101
Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container...
EUVD-2026-36099
Fission Container Executor Function PodSpec Injection Leading to Node Escape...
EUVD-2026-36097
Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook...
EUVD-2026-36096
Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook...
EUVD-2026-36095
Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance...
CVE-2026-50570
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...
CVE-2026-50567
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join and wrote the result...
CVE-2026-50564
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs fo...
CVE-2026-50545
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous...
CVE-2026-49821
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched...
CVE-2026-46618
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...
CVE-2026-46617
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted...
EUVD-2026-36074
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...
EUVD-2026-36072
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...
CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...
CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...
CVE-2026-50568
Fission (Kubernetes-native serverless framework) has a lexical path check vulnerability in SanitizeFilePath (pkg/utils/utils.go) that used strings.HasPrefix(path, safedir) instead of a directory-boundary check. This allowed a sibling directory escape (e.g., /packages-extra/evil under /packages) t...
CVE-2026-50567
CVE-2026-50567 affects Fission prior to 1.25.0. The vulnerability resides in Unarchive (pkg/utils/zip.go) where archive entry paths are joined with the destination path without validating that the final path stays under the destination. An attacker who can control a Package.Spec.Source.URL or Dep...
CVE-2026-50566 Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability...
CVE-2026-50566 Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability...