17 matches found
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: rancher-agent, nrdot-collector-k8s-fips, fluxcd-kustomize-mutating-webhook-fips, kubebuilder, govulncheck, kyverno-policy-reporter-plugins-trivy, atlas, aws-application-networking-k8s-fips, flux-notification-controller, blob-csi, gomplate, prometheus-beat-exporter,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: ko, chaos-mesh, logstash-exporter, kuberay-operator-fips, nri-rabbitmq, rancher-agent, openbao-k8s, prometheus-adapter, tekton-pipelines-fips, aws-efs-csi-driver-fips, nrdot-collector-k8s-fips, fluxcd-kustomize-mutating-webhook-fips, crossplane-provider-azure-storage...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: ko, chaos-mesh, logstash-exporter, kuberay-operator-fips, nri-rabbitmq, rancher-agent, openbao-k8s, prometheus-adapter, tekton-pipelines-fips, aws-efs-csi-driver-fips, nrdot-collector-k8s-fips, fluxcd-kustomize-mutating-webhook-fips, crossplane-provider-azure-storage...
GHSA-7C64-F9JR-V9H2 vulnerabilities
Vulnerabilities for packages: ko, kuberay-operator-fips, node-feature-discovery, nri-rabbitmq, rancher-agent, apm-server-fips, openbao-k8s, prometheus-adapter, sftpgo-plugin-kms, aws-efs-csi-driver-fips, nrdot-collector-k8s-fips, fluxcd-kustomize-mutating-webhook-fips,...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: ko, kuberay-operator-fips, node-feature-discovery, nri-rabbitmq, rancher-agent, apm-server-fips, openbao-k8s, prometheus-adapter, sftpgo-plugin-kms, aws-efs-csi-driver-fips, nrdot-collector-k8s-fips, fluxcd-kustomize-mutating-webhook-fips,...
EUVD-2023-3019
Malicious code in bioql PyPI...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: ko, migrate, nodetaint, nri-rabbitmq, rancher-agent, rancher, opentofu, step-kms-plugin, k3d, rabbitmq-messaging-topology-operator, apm-server, rclone, libnvidia-container, mongo-tools, traefik, steampipe, knative-serving, wal-g, src, nri-haproxy,...
GO-2023-2355 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving...
The vulnerability of the Knative Serving deployment and application management tool, related to uncontrolled resource consumption, allows a attacker to cause service failures.
The vulnerability of the Knative Serving deployment and application management tool is related to an uncontrolled resource consumption when processing endpoints in the /metrics directory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
CVE-2023-48713
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
Design/Logic Flaw
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers. An attacker who controls a pod to a degree where they can control the responses from the /metrics endpoint can cause Denial-of-Service of the autoscaler from an unbound...
Knative Serving Security Vulnerability
Knative Serving is a Kubernetes-based build from Knative that supports the deployment and servicing of applications and features as serverless containers. A security vulnerability exists in Knative Serving that stems from a memory allocation error, which could lead to a denial of service by an...
GHSA-QMVJ-4QR9-V547 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Summary A vulnerability was fond in Knative Serving that could allow an attacker to crash the Knative Serving autoscaler resulting in a denial of service. The attacker would need to have compromised one pod in the Knative Serving deployment, and with that position they could launch the attack...
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Summary A vulnerability was fond in Knative Serving that could allow an attacker to crash the Knative Serving autoscaler resulting in a denial of service. The attacker would need to have compromised one pod in the Knative Serving deployment, and with that position they could launch the attack...