Lucene search
K

82 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Fedora 42 : kustomize (2025-a887e86abc)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a887e86abc advisory. Update to 5.8.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

7.5CVSS7.6AI score0.00626EPSS
Exploits1References9
OSV
OSV
added 2025/12/02 5:36 p.m.3 views

BIT-FLUX-2022-24878 Improper path handling in Kustomization files allows for denial of service

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user's CI/CD pipeline to...

7.7CVSS6.6AI score0.0095EPSS
Exploits0References2
OSV
OSV
added 2025/12/02 5:36 p.m.4 views

BIT-FLUX-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS7AI score0.01108EPSS
Exploits0References2
OSV
OSV
added 2025/12/02 5:36 p.m.4 views

BIT-FLUX-2022-24817 Improper kubeconfig validation allows arbitrary code execution

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also...

9.9CVSS7.3AI score0.01044EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.6 views

GHSA-447V-2QG4-H8HC vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.7 views

GHSA-CXQ7-XW9V-RCV3 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.4 views

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.5 views

GHSA-JWMF-CHVC-RF92 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.7 views

GHSA-7WWX-XJ66-R44X vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.6 views

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: knative-operator-fips, beats-fips, smarter-device-manager, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy, prometheus-alertmanager-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.9 views

CVE-2025-61724 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy, prometheus-alertmanager-fips,...

5.3CVSS6.7AI score0.00526EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.7 views

CVE-2025-61723 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

7.5CVSS7AI score0.00626EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.11 views

CVE-2025-58188 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

7.5CVSS7AI score0.00361EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.10 views

CVE-2025-58189 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

5.3CVSS6.7AI score0.00443EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.10 views

CVE-2025-58183 vulnerabilities

Vulnerabilities for packages: knative-operator-fips, beats-fips, smarter-device-manager, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy, prometheus-alertmanager-fips,...

4.3CVSS6.7AI score0.00419EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.6 views

CVE-2025-47912 vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

5.3CVSS7AI score0.00443EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.5 views

GHSA-RJCG-56PH-3QVG vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, smarter-device-manager, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.4 views

GHSA-QH38-484V-W52X vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy, prometheus-alertmanager-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.7 views

GHSA-WCW9-47FP-RRFR vulnerabilities

Vulnerabilities for packages: volsync-fips, knative-operator-fips, beats-fips, nodetaint, skopeo-fips, kafkaexporter-fips, logstash-exporter, karpenter, kubernetes-csi-external-attacher, cluster-api-provider-vsphere, vault-secrets-webhook, monstache, kafka-proxy, prometheus-alertmanager-fips,...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3043

Malicious code in bioql PyPI...

7.7CVSS6.8AI score0.0095EPSS
Exploits0References3
Rows per page
Query Builder