Lucene search
K

124 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 5:26 p.m.20 views

CVE-2026-50545 Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous...

9.9CVSS5.4AI score0.003EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 5:26 p.m.34 views

CVE-2026-50545

Fission (Kubernetes-native serverless) prior to version 1.24.0 allowed Environment.spec.runtime.podSpec and spec.builder.podSpec passthrough without validation, and MergePodSpec could propagate dangerous fields into generated pods. This CVE—CVE-2026-50545—describes a PodSpec injection with potent...

9.9CVSS5.4AI score0.003EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/10 5:25 p.m.29 views

CVE-2026-49824 Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace...

8.5CVSS0.00223EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:23 p.m.10 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:23 p.m.22 views

CVE-2026-49823

Summary : CVE-2026-49823 affects Fission (Kubernetes-native serverless framework). Before version 1.24.0, the PackageRef.Namespace in a Fission Function spec was not validated by the admission webhook (unlike Secret/ConfigMap). This allowed cross-namespace access via an unvalidated Package refere...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:23 p.m.33 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:22 p.m.28 views

CVE-2026-49822 Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a low-privilege developer who could create a KubernetesWatchTrigger KWT in their own namespace was able to establish a persistent...

7.7CVSS0.00231EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:21 p.m.27 views

CVE-2026-49821 Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched...

7.7CVSS0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:21 p.m.21 views

CVE-2026-49821

Fission (Kubernetes-native serverless framework) prior to v1.24.0 is affected where the buildermgr controller processed Package CRDs without validating that Package.spec.environment.namespace equals Package.metadata.namespace. This cross-namespace environment reference could enable build-time com...

7.7CVSS5.4AI score0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:20 p.m.21 views

CVE-2026-46618

CVE-2026-46618 affects Fission before v1.23.0: pkg/builder/builder.go passed Environment.spec.builder.command directly to exec.Command after strings.Fields, with no validation of the executable path or arguments. A user with Environment CRD privileges in a namespace could point the builder pod to...

6.9CVSS5.9AI score0.00364EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:20 p.m.33 views

CVE-2026-46618 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

6.9CVSS0.00364EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 5:20 p.m.13 views

EUVD-2026-36093

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

6.9CVSS5.9AI score0.00364EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:20 p.m.9 views

CVE-2026-46618 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

6.9CVSS5.9AI score0.00364EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:20 p.m.32 views

CVE-2026-46617 Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide secret / configmap read

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted...

8.7CVSS0.00276EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 5:20 p.m.15 views

EUVD-2026-36092

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted...

8.7CVSS5.5AI score0.00276EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:20 p.m.34 views

CVE-2026-46617

CVE-2026-46617 (Fission) affects Fission runtimes prior to v1.23.0. The runtime pod was created with ServiceAccountName: fission-fetcher, which had namespace-wide get permissions on secrets and configmaps. The automounted token was accessible inside user function containers at /var/run/secrets/ku...

8.7CVSS5.5AI score0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:19 p.m.30 views

CVE-2026-46612 Fission StorageSvc /v1/archive endpoint exposes unauthenticated CRUD over all function archives

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component registers archive CRUD handlers /v1/archive GET / POST / DELETE and /v1/archives list directly on...

8.8CVSS0.00344EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/10 5:19 p.m.11 views

EUVD-2026-36091

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component registers archive CRUD handlers /v1/archive GET / POST / DELETE and /v1/archives list directly on...

8.8CVSS5.5AI score0.00344EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 5:19 p.m.17 views

CVE-2026-46612

Fission StorageSvc exposes archive CRUD endpoints (/v1/archive and /v1/archives) on the HTTP router without authentication prior to v1.23.0, allowing any caller within the same Kubernetes cluster to enumerate archive IDs, download archives from other tenants, upload arbitrary content, and delete ...

8.8CVSS5.5AI score0.00344EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/10 5:19 p.m.7 views

CVE-2026-46612 Fission StorageSvc /v1/archive endpoint exposes unauthenticated CRUD over all function archives

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component registers archive CRUD handlers /v1/archive GET / POST / DELETE and /v1/archives list directly on...

8.8CVSS5.5AI score0.00344EPSS
Exploits0References4
Rows per page
Query Builder