
11 matches found

Wolfi
added 2026/04/11 2:51 a.m., 7 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: newrelic-infra-operator, aws-privateca-issuer, dbmate, stakater-reloader, supercronic, hubble, ingress-nginx-controller, nodetaint, nova, malcontent, rabbitmq-messaging-topology-operator, smokescreen, osv-scanner, victoriametrics-cluster,...

AI score: 5.8
Exploits: 0
EUVD
added 2026/03/30 6:31 p.m., 2 views

EUVD-2026-17133

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS: 7.6, AI score: 6, EPSS: 0.00268
Exploits: 1, References: 3
CNNVD
added 2026/03/30 12:0 a.m., 7 views

KubePlus Security Vulnerability

KubePlus is a Kubernetes multi-tenant application management platform developed by cloud-ark. KubePlus 4.1.4 contains security vulnerabilities, which stem from server-side request forgery and command injection during the processing of the chartURL field by the mutating webhook and...

CVSS: 7.6, AI score: 5.8, EPSS: 0.00268
Exploits: 1, References: 3
CVE
added 2026/03/30 12:0 a.m., 9 views

CVE-2026-29954

CVE-2026-29954 affects KubePlus 4.1.4, specifically the mutating webhook and kubeconfiggenerator. The vulnerability arises when processing the chartURL field of ResourceComposition resources: the value is only URL-encoded and not validated, enabling SSRF. More critically, kubeconfiggenerator conc...

CVSS: 7.6, AI score: 6, EPSS: 0.00268
Exploits: 1, References: 2, Affected Software: 1
ATTACKERKB
added 2026/03/30 12:0 a.m., 1 view

CVE-2026-29954

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS: 7.6, AI score: 6, EPSS: 0.00268
Exploits: 1, References: 3
Wolfi
added 2025/08/09 1:47 p.m., 29 views

CVE-2025-47907 vulnerabilities

Vulnerabilities for packages: ghaudit, trivy-operator, tekton-pipelines, atlantis, bento, cosign, cerbos, kubernetes-dashboard-auth, croc, docker-cli-buildx, ini-file, gotestsum, src, nri-mysql, containerd, bom, datadog-agent, kubescape, gitness, azuredisk-csi, crossplane-provider-sql,...

CVSS: 7, AI score: 6.7, EPSS: 0.00331
Exploits: 0
GitHub Security Blog
added 2024/04/30 9:39 a.m., 36 views

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

CVSS: 7.2, AI score: 7.2, EPSS: 0.01418
Exploits: 0, References: 7, Affected Software: 1
OSV
added 2024/04/30 9:39 a.m., 20 views

GHSA-2CGQ-H8XW-2V5J CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

CVSS: 7.2, AI score: 7.1, EPSS: 0.01418
Exploits: 0, References: 7
Veracode
added 2021/09/21 7:22 a.m., 23 views

Information Disclosure

github.com/kubernetes/kubernetes is vulnerable to information disclosure and malicious redirection. If --profiling is enabled on the kube-apiserver, an attacker with control over a validating or mutating webhook is able to access the kube-apiserver process logs and is able to redirect...

CVSS: 4.1, AI score: 4.2, EPSS: 0.01953
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2021/09/20 5:15 p.m., 3 views

DEBIAN-CVE-2020-8561

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

CVSS: 4.1, AI score: 5, EPSS: 0.01953
Exploits: 0, References: 1
OSV
added 2021/09/20 5:15 p.m., 2 views

UBUNTU-CVE-2020-8561

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

CVSS: 4.1, AI score: 6.6, EPSS: 0.01953
Exploits: 0, References: 3