5 matches found
GHSA-V554-XWGW-HC3W source-controller leaks Azure Storage SAS token into logs
Impact When source-controller is configured to use an Azure SAS token when connecting to Azure Blob Storage, the token was logged along with the Azure URL when the controller encountered a connection error. An attacker with access to the source-controller logs could use the token to gain access t...
GHSA-F4P5-X4VC-MH4V Improper use of metav1.Duration allows for Denial of Service
Flux controllers within the affected versions range are vulnerable to a denial of service attack. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured...
Improper use of metav1.Duration allows for Denial of Service
Flux controllers within the affected versions range are vulnerable to a denial of service attack. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured...
GHSA-P2G7-XWVR-RRW3 Helm Controller denial of service
Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK allows for specific data inputs to cause high memory consumption, which in some platforms could cause the controller to panic and stop processing reconciliations. Impact In a shared cluster multi-tenanc...
Flux CLI Workload Injection
Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allows other applications to replace the Flux deployment information with arbitrary content which is deployed into the target Kubernetes cluster instead. The vulnerability is due to the...