4 matches found
CVE-2026-23634 Pepr Overly Permissive RBAC ClusterRole in Admin Mode
Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with...
CVE-2026-23634
Pepr is a Kubernetes middleware that, before version 1.0.5, defaulted to a cluster-admin RBAC configuration, potentially enabling broad access for modules during initial setup. The issue is fixed in 1.0.5. Affected component: Pepr (RBAC/cluster-admin defaults). Documented remediation guidance fro...
EUVD-2018-2034
Malware in sbrugna...
CVE-2021-26543
The "gitDiff" function in Wayfair git-parse =1.0.4 has a command injection vulnerability. Clients of the git-parse library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. The issue has been resolved in version 1.0.5...