EUVD-2024-2517

Malicious code in bioql PyPI...

GO-2024-3063 RBAC Roles for `etcd` created by Kamaji are not disjunct in github.com/clastix/kamaji

RBAC Roles for etcd created by Kamaji are not disjunct in github.com/clastix/kamaji...

GHSA-6R4J-4RJC-8VW5 RBAC Roles for `etcd` created by Kamaji are not disjunct

Summary Using an "open at the top" range definition in RBAC for etcd roles leads to some TCPs API servers being able to read, write and delete the data of other control planes. Details The problematic code is this:...

RBAC Roles for `etcd` created by Kamaji are not disjunct

Summary Using an "open at the top" range definition in RBAC for etcd roles leads to some TCPs API servers being able to read, write and delete the data of other control planes. Details The problematic code is this:...

CVE-2024-42480

Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed i...

CVE-2024-42480 Kamaji's RBAC Roles for `etcd` are not disjunct

Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed i...

CVE-2024-42480 Kamaji's RBAC Roles for `etcd` are not disjunct

Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed i...

CVE-2024-42480 Kamaji's RBAC Roles for `etcd` are not disjunct

Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed i...

Kamaji 安全漏洞

Kamaji is a Kubernetes control plane manager open-sourced by Clastix Labs. A security vulnerability exists in Kamaji version 1.0.0 and earlier. An attacker exploited the vulnerability to cause certain TCP API servers to be able to read, write, and delete data...

PT-2024-29977 · Etcd +2 · Etcd +2

Name of the Vulnerable Software and Affected Versions: Kamaji versions 1.0.0 and earlier Description: The issue arises from Kamaji using an "open at the top" range definition in RBAC for etcd roles, allowing some TCPs API servers to read, write, and delete the data of other control planes. This c...