Denial Of Service (DoS)

github.com/fluxcd is vulnerable to Denial of Service. The vulnerability exists due to the lack of data fields validation in the metav1.Duration parameter in multiple fluxcd repositories which allows an attacker to cause an application crash...

CVE-2022-39272 Flux2 vulnerable to Denial of Service due to Improper use of metav1.Duration

Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interv...

GHSA-F4P5-X4VC-MH4V Improper use of metav1.Duration allows for Denial of Service

Flux controllers within the affected versions range are vulnerable to a denial of service attack. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured...

Improper use of metav1.Duration allows for Denial of Service

Flux controllers within the affected versions range are vulnerable to a denial of service attack. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured...