4 matches found
CVE-2022-41939
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
Code injection
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
CVE-2022-41939
CVE-2022-41939 affects knative.dev/func (client library/CLI for Knative functions). The root issue is credential exposure when using third-party function buildpacks, where a compromised buildpack could expose registry credentials or the local Docker socket to a malicious lifecycle container. The ...
CVE-2022-41939 Credential exposure when running third-party builders in knative/func
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...