7 matches found
CVE-2025-58366
Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...
CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API
Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...
CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API
Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...
CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API
Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public unauthenticated /public/catalogs endpoint.vOnly instances using private helm repositories i.e setting username & password in the...
CVE-2024-31216
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...
CVE-2024-31216 source-controller leaks theAzure Storage SAS token into logs on connection errors
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...
ArgoCD 安全漏洞
ArgoCD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g., configuration in a Git repository, automatically synchronizing and deploying...