3 matches found
CVE-2025-29922
kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.26.3, the identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources. By...
CVE-2025-29922
The CVE-2025-29922 issue affects kcp (the Kubernetes-like control plane) prior to 0.26.3, where the APIExport VirtualWorkspace can create or delete objects in any target workspace even without an APIBinding. Root cause: access controls around the APIExport VirtualWorkspace are insufficient, allow...
GSD-2022-1002525 IP address filtering in Google Cloud Platform (GCP) version All versions as of 2022-06-07 and later (unfixed as of yet)
In Google Cloud Platform GCP, all versions as of 2022-06-07 and later unfixed as of yet an IP address filtering vulnerability exists in the Kubernetes control plane that can be attacked via other systems within Google Cloud Engine's network filtering is only applied to external IP addresses...