Lucene search
K

7 matches found

NVD
NVD
added 2025/09/05 10:15 p.m.11 views

CVE-2025-58366

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

9.4CVSS0.00328EPSS
Exploits0References3
OSV
OSV
added 2025/09/05 9:29 p.m.6 views

CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

9.4CVSS6.8AI score0.00328EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/05 9:29 p.m.4 views

CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

9.4CVSS6.4AI score0.00328EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/05 9:29 p.m.14 views

CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API

Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...

9.4CVSS0.00328EPSS
Exploits0References3
NVD
NVD
added 2024/05/15 4:15 p.m.39 views

CVE-2024-31216

The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...

5.1CVSS5.2AI score0.00213EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/15 3:52 p.m.41 views

CVE-2024-31216 source-controller leaks theAzure Storage SAS token into logs on connection errors

The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...

5.1CVSS5.5AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/03/22 12:0 a.m.5 views

ArgoCD 安全漏洞

ArgoCD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g., configuration in a Git repository, automatically synchronizing and deploying...

9CVSS7.9AI score0.01237EPSS
Exploits1References11
Rows per page
Query Builder