Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0865

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00217EPSS
Exploits0References9
nvd
nvd
added 2023/03/17 8:15 p.m.37 views

CVE-2023-27593

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

5.5CVSS4.9AI score0.00217EPSS
Exploits0References6
cvelist
cvelist
added 2023/03/17 7:51 p.m.38 views

CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

4.4CVSS5.7AI score0.00217EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2023/03/17 7:51 p.m.7 views

CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

4.4CVSS5.5AI score0.00217EPSS
Exploits0References6
osv
osv
added 2023/03/17 6:20 p.m.12 views

GHSA-4HC4-PGFX-3MRX cilium-agent container can access the host via `hostPath` mount

Impact An attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the...

4.4CVSS5.3AI score0.00217EPSS
Exploits0References8
github
github
added 2022/09/16 5:21 p.m.48 views

Talos worker join token can be used to get elevated access level to the Talos API

Impact Talos worker nodes use a join token to get accepted into the Talos cluster. A misconfigured Kubernetes environment may allow workloads to access the join token of the worker node. A malicious workload could then use the join token to construct a Talos CSR certificate signing request. Due t...

8.8CVSS8.1AI score0.00553EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder