16 matches found
EUVD-2018-2989
Malware in sbrugna...
EUVD-2024-48013
Malicious code in bioql PyPI...
EUVD-2025-0167
Malicious code in bioql PyPI...
CVE-2025-46342
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...
CVE-2025-46342
Kyverno CVE-2025-46342 affects policy rules using namespace selectors in match statements. Prior to versions 1.13.5 and 1.14.0, a missing error propagation in GetNamespaceSelectorsFromNamespaceLister (pkg/utils/engine/labels.go) may cause those rules to be ignored during admission review, bypassi...
GHSA-JRR2-X33P-6HVC Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements
Summary Due to a missing error propagation in function GetNamespaceSelectorsFromNamespaceLister in pkg/utils/engine/labels.go it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing. As a consequence...
PT-2025-18296 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno versions prior to 1.13.5 and 1.14.0 Description: The issue concerns a policy engine where policy rules using namespace selectors in their match statements may not be applied correctly due to a missing error propagation in the...
CVE-2024-53862 Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. When using --auth-mode=client, Archived Workflows can be retrieved with a fake or spoofed token via the GET Workflow endpoint: /api/v1/workflows/namespace/name or when using...
CVE-2024-6840
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...
CVE-2024-6840
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...
CVE-2024-6840 Automation-controller: gain access to the k8s api server via job execution with container group
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...
CVE-2018-10937
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...
Cross site scripting
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...
CVE-2018-10937
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...
CVE-2018-10937
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...
CVE-2018-10937
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...