12 matches found

CNNVD
added 2026/06/10 12:0 a.m., 17 views

Fission security vulnerability

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contained a security vulnerability. This vulnerability stemmed from the lack of validation in the Environment.spec.runtime.podSpec/spec.builder.podSpec field. When using MergePodSpec,...

9.9 CVSS, 5.3 AI score, 0.003 EPSS
Exploits: 0, References: 1

CNNVD
added 2026/06/10 12:0 a.m., 13 views

Fission security vulnerability

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contain security vulnerabilities. These vulnerabilities stem from the Container Executor’s path, which allows tenants to directly provide Function.spec.podspec. The executor merges thi...

9.9 CVSS, 5.3 AI score, 0.00274 EPSS
Exploits: 0, References: 1

CNNVD
added 2026/06/10 12:0 a.m., 18 views

Fission path traversal vulnerability

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.25.0 contained a path traversal vulnerability. This vulnerability stemmed from the Unarchive function using filepath.Join to concatenate the archive entry name with the target directory,...

7.7 CVSS, 5.3 AI score, 0.00301 EPSS
Exploits: 0, References: 1

RedHat Linux
added 2024/10/28 5:6 p.m., 24 views

Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.6 security updates and bug fixes

Multicluster Engine for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.1 CVSS, 6.9 AI score, 0.00617 EPSS
Exploits: 2, References: 1

OSV
added 2024/08/05 9:29 p.m., 16 views

GHSA-H7CM-JVPP-69XF Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

6.1 CVSS, 5.9 AI score, 0.01552 EPSS
Exploits: 1, References: 7

NVD
added 2024/05/27 7:15 p.m., 27 views

CVE-2024-35182

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

8.1 CVSS, 5.9 AI score, 0.01552 EPSS
Exploits: 1, References: 5

Cvelist
added 2024/05/27 6:18 p.m., 52 views

CVE-2024-35182 GHSL-2024-014 Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

5.9 CVSS, 5.9 AI score, 0.01552 EPSS
Exploits: 1, References: 5

RedHat Linux
added 2023/05/01 6:24 p.m., 31 views

Moderate: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.6 security updates and bug fixes

Multicluster Engine for Kubernetes 2.1.6 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5 CVSS, 6.7 AI score, 0.01613 EPSS
Exploits: 1, References: 4

OSV
added 2022/06/13 3:40 p.m., 25 views

CVE-2022-31055 Improper Access Control in kctf

kCTF is a Kubernetes-based infrastructure for capture the flag CTF competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark the...

7.5 CVSS, 7.4 AI score, 0.00588 EPSS
Exploits: 0, References: 5

CNNVD
added 2022/03/02 12:0 a.m., 2 views

Cisco Ultra Cloud Core security vulnerability

Cisco Ultra Cloud Core is a Kubernetes-based solution from Cisco. It provides a common execution environment for Cisco's container-based 5G applications. A security vulnerability exists in Cisco Ultra Cloud Core that allows an authenticated, local attacker to exploit the vulnerability to escalate...

7.8 CVSS, 7.8 AI score, 0.00253 EPSS
Exploits: 0, References: 5

The Hacker News
added 2021/11/02 9:37 a.m., 21 views

Google to Pay Hackers $31,337 for Exploiting Patched Linux Kernel Flaws

Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three months as part of a new bug bounty program to improve the security of the Linux kernel. To that end, the company is expected to issue...

0.8 AI score
Exploits: 0

OSV
added 2021/08/25 7:15 p.m., 14 views

CVE-2021-39159

BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. In affected versions a remote code execution vulnerability has been identified in BinderHub, where providing BinderHub with maliciously crafted input...

9.8 CVSS, 8 AI score
Exploits: 0, References: 2