Lucene search
K

43 matches found

Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: aactl, k9s, tflint, gitlab-kas, neuvector-sigstore-interface, syft, kubescape, kubernetes-dashboard, minio, buildah, podman, eksctl, knative-serving, pulumi-language-dotnet, caddy, flux-kustomize-controller, istio, dagger, k8sgpt, nuclei, rancher-agent,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/03 7:17 p.m.10 views

CVE-2026-34986 vulnerabilities

Vulnerabilities for packages: bento-fips, kube-arangodb-fips, task-fips, cilium, grafana-mimir, vault-secrets-webhook, harbor-registry, dex, grafana-mimir-fips, kube-arangodb, vault-secrets-operator, trivy-fips, neuvector-fips, zot, peerdb-flow, kaniko-fips, sqlexporter, neuvector-scanner-fips,...

7.5CVSS6.7AI score0.00651EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/26 7:48 p.m.11 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: aactl, k9s, cert-manager-cmctl, syft, kubescape, cluster-api, pulumi-language-dotnet, flux-kustomize-controller, crossplane-provider-keycloak, dagger, nuclei, crossplane-provider-family-azure, crossplane-provider-aws-memorydb, gptscript, osv-scanner, vcluster,...

9.8CVSS6.7AI score0.00397EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/26 7:48 p.m.9 views

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: aactl, k9s, cert-manager-cmctl, syft, kubescape, cluster-api, pulumi-language-dotnet, flux-kustomize-controller, crossplane-provider-keycloak, dagger, nuclei, crossplane-provider-family-azure, crossplane-provider-aws-memorydb, gptscript, osv-scanner, vcluster,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/02/26 7:17 p.m.10 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: src-fingerprint, hydra-fips, terraform-fips, crossplane-provider-keycloak, flux-source-controller-fips, crossplane-provider-aws-cloudfront, kots, gitness, xeol-fips, dagger, crossplane-provider-aws-ecr, rancher-fleet, cilium-cli, flux, helm-diff-fips,...

9.8CVSS6.7AI score0.00397EPSS
Exploits0
OSV
OSV
added 2025/12/02 5:36 p.m.5 views

BIT-FLUX-2022-24878 Improper path handling in Kustomization files allows for denial of service

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user's CI/CD pipeline to...

7.7CVSS6.6AI score0.0095EPSS
Exploits0References2
OSV
OSV
added 2025/12/02 5:36 p.m.6 views

BIT-FLUX-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS7AI score0.01108EPSS
Exploits0References2
OSV
OSV
added 2025/12/02 5:36 p.m.5 views

BIT-FLUX-2022-24817 Improper kubeconfig validation allows arbitrary code execution

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also...

9.9CVSS7.3AI score0.01044EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3043

Malicious code in bioql PyPI...

7.7CVSS6.8AI score0.0095EPSS
Exploits0References3
Chainguard
Chainguard
added 2025/08/09 1:17 p.m.51 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: grafana-rollout-operator, harbor-scanner-trivy-fips, neuvector-dbgen, x509-certificate-exporter-fips, local-static-provisioner, buf, vgpu-util, kube-arangodb-fips, gofumpt, flux, mods, git-lfs-fips, cilium, jaeger-operator-fips, docker-machine-driver-harvester,...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 9:42 p.m.9 views

CVE-2022-24877

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS6.8AI score0.01108EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/12/18 6:23 p.m.7 views

GHSA-32GQ-X56H-299C vulnerabilities

Vulnerabilities for packages: age-fips, ksops, age, flux-kustomize-controller-fips, sops, flux-kustomize-controller, grafana-fips, chezmoi, litestream, sops-fips, grafana...

6.1AI score
Exploits0
OSV
OSV
added 2024/08/21 2:30 p.m.13 views

GO-2022-0260 Privilege escalation to cluster admin on multi-tenant environments in github.com/fluxcd/kustomize-controller

Privilege escalation to cluster admin on multi-tenant environments in github.com/fluxcd/kustomize-controller...

9CVSS8.8AI score0.01766EPSS
Exploits1References2
Wolfi
Wolfi
added 2024/06/11 5:16 p.m.115 views

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: fulcio, bank-vaults, external-dns, grafana-agent-operator, rclone, tempo, py3-cassandra-medusa, hugo-extended, flyte, kubescape, flux-source-controller, hugo, chezmoi, grafana-mimir, policy-controller, opentelemetry-collector, cosign, flux-image-reflector-controller,...

5.5CVSS6.5AI score0.00788EPSS
Exploits0
OSV
OSV
added 2024/03/06 10:55 a.m.18 views

BIT-KUSTOMIZE-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS9AI score0.01108EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:55 a.m.21 views

BIT-KUSTOMIZE-2022-24878 Improper path handling in Kustomization files allows for denial of service

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user's CI/CD pipeline to...

7.7CVSS6.4AI score0.0095EPSS
Exploits0References2
Chainguard
Chainguard
added 2024/03/05 11:15 p.m.80 views

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: kubernetes-event-exporter, stakater-reloader, buf, kubernetes-dashboard-fips, flux, cilium, flux-image-reflector-controller, dex, kubeflow-katib, prometheus-node-exporter, aws-ebs-csi-driver, gh, zot, metacontroller, gcsfuse, cass-operator, terraform-provider-sendgri...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
Chainguard
Chainguard
added 2023/10/25 9:17 p.m.83 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: smarter-device-manager-fips, prometheus-stackdriver-exporter, aactl, volume-modifier-for-k8s-fips, terraform-provider-sendgrid, terraform-provider-sendgrid-fips, cortex, kubernetes-csi-livenessprobe, kubeflow, bank-vaults-fips, cluster-autoscaler-fips, conftest-fips,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2023/10/10 9:28 p.m.43 views

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: aactl, src, dgraph, kubescape, secrets-store-csi-driver, hugo, nginx-stable, minio, cortex, pulumi-language-dotnet, flux-kustomize-controller, wireguard-go, gobuster, nri-prometheus, buildkitd, ip-masq-agent, newrelic-infrastructure-agent, terraform-provider-azurerm,...

6.1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/20 4:58 p.m.28 views

Improper path handling in Kustomization files allows for denial of service

The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use a specially crafted kustomization.yaml to cause Denial of Service at controller level. In multi-tenancy deployments this can lead to multiple...

7.7CVSS0.8AI score0.0095EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder