Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/30 10:36 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CEL-based HTTP functions. An attacker can make unauthorized network requests to internal or external resources and exfitrate sensitive information AWS IAM credentials, GCP tokens by crafting...

9.8CVSS5.6AI score0.00705EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.7 views

Kyverno security vulnerabilities

Kyverno is an open-source policy engine designed for Kubernetes. Versions of Kyverno prior to 1.16.3 and 1.15.3 have security vulnerabilities. These vulnerabilities stem from the policy engine’s unlimited memory consumption, which could allow users with permission to create policies to execute...

7.7CVSS7.4AI score0.00531EPSS
Exploits1References4
OSV
OSV
added 2025/07/14 2:15 p.m.5 views

UBUNTU-CVE-2025-7519

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...

6.7CVSS7.1AI score0.00184EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/07/14 1:35 p.m.2 views

CVE-2025-7519

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...

6.7CVSS7.1AI score0.00184EPSS
Exploits0References5
Rows per page
Query Builder