37 matches found

EUVD
added yesterday, 9 views

EUVD-2026-36101

Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container...

CVSS 4.9, AI score 5.8, EPSS 0.00255
Exploits 0, References 5

EUVD
added yesterday, 12 views

EUVD-2026-36099

Fission Container Executor Function PodSpec Injection Leading to Node Escape...

CVSS 9.9, AI score 5.8, EPSS 0.00274
Exploits 0, References 5

EUVD
added yesterday, 9 views

EUVD-2026-36097

Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook...

CVSS 8.5, AI score 5.8, EPSS 0.00223
Exploits 0, References 5

EUVD
added yesterday, 7 views

EUVD-2026-36096

Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook...

CVSS 7.7, AI score 5.8, EPSS 0.00265
Exploits 0, References 5

EUVD
added yesterday, 10 views

EUVD-2026-36095

Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance...

CVSS 7.7, AI score 5.8, EPSS 0.00231
Exploits 0, References 5

NVD
added 2026/06/10 6:17 p.m., 15 views

CVE-2026-50570

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...

CVSS 8.5, EPSS 0.00274
Exploits 0, References 3

NVD
added 2026/06/10 6:17 p.m., 10 views

CVE-2026-50567

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join and wrote the result...

CVSS 7.7, EPSS 0.00301
Exploits 0, References 3

NVD
added 2026/06/10 6:17 p.m., 12 views

CVE-2026-50564

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs fo...

CVSS 9.9, EPSS 0.00274
Exploits 0, References 3

NVD
added 2026/06/10 6:17 p.m., 10 views

CVE-2026-50545

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous...

CVSS 9.9, EPSS 0.003
Exploits 0, References 4

NVD
added 2026/06/10 6:17 p.m., 13 views

CVE-2026-49821

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched...

CVSS 7.7, EPSS 0.00231
Exploits 0, References 3

NVD
added 2026/06/10 6:17 p.m., 10 views

CVE-2026-46618

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

CVSS 6.9, EPSS 0.00364
Exploits 0, References 3

NVD
added 2026/06/10 6:17 p.m., 12 views

CVE-2026-46617

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted...

CVSS 8.7, EPSS 0.00276
Exploits 0, References 3

EUVD
added 2026/06/10 5:34 p.m., 10 views

EUVD-2026-36074

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs ValidatePodSpecSafety /...

CVSS 8.5, AI score 5.5, EPSS 0.00274
Exploits 0, References 3

EUVD
added 2026/06/10 5:31 p.m., 9 views

EUVD-2026-36072

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefix(path,...

CVSS 3.6, AI score 5.4, EPSS 0.00114
Exploits 0, References 4

Cvelist
added 2026/06/10 5:31 p.m., 25 views

CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefix(path,...

CVSS 3.6, EPSS 0.00114
Exploits 0, References 4

Vulnrichment
added 2026/06/10 5:31 p.m., 7 views

CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefix(path,...

CVSS 3.6, AI score 5.4, EPSS 0.00114
Exploits 0, References 4

CVE
added 2026/06/10 5:31 p.m., 22 views

CVE-2026-50568

Fission (Kubernetes-native serverless framework) has a lexical path check vulnerability in SanitizeFilePath (pkg/utils/utils.go) that used strings.HasPrefix(path, safedir) instead of a directory-boundary check. This allowed a sibling directory escape (e.g., /packages-extra/evil under /packages) t...

CVSS 3.6, AI score 5.4, EPSS 0.00114
Exploits 0, References 4

CVE
added 2026/06/10 5:30 p.m., 18 views

CVE-2026-50567

CVE-2026-50567 affects Fission prior to 1.25.0. The vulnerability resides in Unarchive (pkg/utils/zip.go) where archive entry paths are joined with the destination path without validating that the final path stays under the destination. An attacker who can control a Package.Spec.Source.URL or Dep...

CVSS 7.7, AI score 5.4, EPSS 0.00301
Exploits 0, References 3

Vulnrichment
added 2026/06/10 5:29 p.m., 6 views

CVE-2026-50566 Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability...

CVSS 9.9, AI score 5.4, EPSS 0.0029
Exploits 0, References 3

Cvelist
added 2026/06/10 5:29 p.m., 35 views

CVE-2026-50566 Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability...

CVSS 9.9, EPSS 0.0029
Exploits 0, References 3