kustomize-controller 操作系统命令注入漏洞

kustomize-controller is a Kubernetes operator that specializes in running continuous delivery pipelines for infrastructure and workloads defined with a Kubernetes manifest and assembled using Kustomize. An operating system command injection vulnerability exists in versions prior to...

PT-2021-4880 · Kyverno +1 · Kyverno +4

Name of the Vulnerable Software and Affected Versions: kustomize-controller versions prior to 0.15.0 Description: The issue is related to the kustomize-controller, a Kubernetes operator for running continuous delivery pipelines. It allows users who can create Kubernetes Secrets, Service Accounts,...