5 matches found

Veracode
added 2026/05/16 5:25 a.m. · 10 views

Missing Authorization

github.com/argoproj/argo-workflows is vulnerable to Missing Authorization. The vulnerability is due to missing authorization checks in the Sync Service's ConfigMap-backed provider, which allows an attacker to create, read, update, and delete synchronization-related Kubernetes ConfigMaps without...

CVSS 8.5 · AI score 5.2 · EPSS 0.00515
Exploits 1 · References 7 · Affected Software 1
The Hacker News
added 2025/12/10 11:54 a.m. · 11 views

Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes

Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly...

AI score 6.9
Exploits 0
OSV
added 2025/05/28 2:40 p.m. · 2 views

GHSA-H5F8-CRRQ-4PW8 Contrast workload secrets leak to logs on INFO level

Impact: When the Contrast initializer is configured with a CONTRASTLOGLEVEL of info or debug, the workload secret is logged to stderr and written to Kubernetes logs. Since info is the default setting, this affects all Contrast installations that don't customize their initializers' log level. The...

CVSS 7.3 · AI score 6.7
Exploits 0 · References 2
NCSC
added 2023/06/02 12:0 a.m. · 65 views

Vulnerabilities fixed in Rancher

Vulnerabilities have been fixed in Rancher. The vulnerability with reference CVE-2022-43760 allows a malicious person to perform a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the browser of the victim. The vulnerabilities marked...

CVSS 9.9 · AI score 7.4 · EPSS 0.00715
Exploits 0
Positive Technologies
added 2022/05/06 12:0 a.m. · 4 views

PT-2022-16897 · Unknown +1 · Kustomize-Controller +2

Name of the Vulnerable Software and Affected Versions: Flux2 versions 0.1.0 through 0.29.0; helm-controller versions 0.1.0 through 0.19.0; kustomize-controller versions 0.1.0 through 0.23.0. Description: The issue concerns code injection via malicious Kubeconfig files, potentially leading to privile...

CVSS 9.9 · AI score 9.8 · EPSS 0.01044
Exploits 0 · References 7