169 matches found
EUVD-2019-13726
Malware in sbrugna...
EUVD-2019-2198
Malware in sbrugna...
EUVD-2021-1233
Malware in sbrugna...
EUVD-2021-2608
Malware in sbrugna...
EUVD-2023-2961
Malicious code in bioql PyPI...
EUVD-2022-1260
Malicious code in bioql PyPI...
EUVD-2023-2509
Malicious code in bioql PyPI...
EUVD-2022-0898
Malicious code in bioql PyPI...
EUVD-2024-2846
Malicious code in bioql PyPI...
EUVD-2022-1339
Malicious code in bioql PyPI...
EUVD-2023-2423
Malicious code in bioql PyPI...
Webhook redirect in kube-apiserver
...
Kubernetes C# client accepts certificates from any CA without properly verifying the trust chain
A vulnerability exists in the Kubernetes C client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority CA without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially...
OPENSUSE-SU-2025:15235-1 kubernetes1.31-apiserver-1.31.10-1.1 on GA media
These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...
CVE-2019-13209
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...
Privilege Escalation
github.com/kyverno/kyverno is vulnerable to Privilege Escalation. The vulnerability is due to missing error propagation in the GetNamespaceSelectorsFromNamespaceLister function and causing policy rules with namespace selectors to be skipped during admission review processing, allows an attacker...
CVE-2025-46342 Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2023-1260)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that may allow an authenticated user evade security context constraints SCCs admission restrictions, thereby gaining control of a privileged pod CVE-2023-1260. Vulnerability Details CVEID:...
KubeFence: Security Hardening of the Kubernetes Attack Surface
Kubernetes K8s is widely used to orchestrate containerized applications, including critical services in domains such as finance, healthcare, and government. However, its extensive and feature-rich API interface exposes a broad attack surface, making K8s vulnerable to exploits of software...