Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT The nfsklookupslowv4 function performs the conntrack lookup for IPv4 packets in order to restore the original 5-tuple in case of SNAT, so that the correct socket if any can be...

5.5CVSS6.2AI score0.00163EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/03 9:36 p.m.11 views

Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

6.4AI score0.0086EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:34 a.m.8 views

CVE-2026-49298

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

8.7CVSS5.8AI score0.00488EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/19 7:19 p.m.13 views

CVE-2026-27173 Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...

5.8AI score0.00156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.18 views

RHEL 9 : podman (RHSA-2026:18722)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18722 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

8.1CVSS7.2AI score0.01008EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

8.7CVSS6AI score0.00156EPSS
Exploits0References1
Veracode
Veracode
added 2026/01/07 7:23 a.m.6 views

Remote Code Execution (RCE)

feast is vulnerable to remote code execution RCE. The vulnerability is due to the use of yaml.load..., Loader=yaml.Loader to deserialize configuration YAML files before validation, which allows an attacker who can modify these files to instantiate arbitrary Python objects and execute OS commands ...

7.8CVSS8.2AI score0.00264EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1092

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00734EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-16049

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00242EPSS
Exploits0References4
NVD
NVD
added 2025/09/15 12:15 p.m.4 views

CVE-2025-59358

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

7.5CVSS0.00987EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.6 views

containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.

...

7.5CVSS7AI score0.00242EPSS
Exploits0
OSV
OSV
added 2025/05/23 3:18 p.m.4 views

GO-2025-3701 Incorrect cgroup assignment for containers running in usernamespaced Kubernetes pods in github.com/containerd/containerd

Incorrect cgroup assignment for containers running in usernamespaced Kubernetes pods in github.com/containerd/containerd...

7.5CVSS7.2AI score0.00242EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/05/21 6:1 p.m.26 views

containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.

Impact A bug was found in the containerd's CRI implementation where containerd doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node. Patches This bug has been fixed...

7.5CVSS7AI score0.00242EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2025/02/10 1:6 a.m.17 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/21 6:17 p.m.18 views

CVE-2024-53095 smb: client: Fix use-after-free of network namespace.

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

6.5AI score0.00223EPSS
Exploits0References3
OSV
OSV
added 2024/07/01 11:18 a.m.6 views

BIT-HUBBLE-UI-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...

9.8CVSS9.2AI score0.00734EPSS
Exploits0References3
OSV
OSV
added 2024/07/01 11:13 a.m.7 views

BIT-CILIUM-PROXY-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...

9.8CVSS9.2AI score0.00734EPSS
Exploits0References3
OSV
OSV
added 2024/06/04 9:45 a.m.13 views

BIT-HUBBLE-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...

9.8CVSS7.6AI score0.00734EPSS
Exploits0References3
OSV
OSV
added 2024/05/24 7:23 p.m.41 views

BIT-HUBBLE-RELAY-2023-27595 Cilium eBPF filters may be temporarily removed during agent restart

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...

9.8CVSS7.6AI score0.00734EPSS
Exploits0References4
NVD
NVD
added 2023/03/17 10:15 p.m.23 views

CVE-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This ca...

9.8CVSS7AI score0.00734EPSS
Exploits0References3
Rows per page
Query Builder