Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2022/05/16 6:13 p.m.19 views

GHSA-VVMQ-FWMG-2GJC Improper kubeconfig validation allows arbitrary code execution

Flux2 can reconcile the state of a remote cluster when provided with a kubeconfig with the correct access rights. Kubeconfig files can define commands to be executed to generate on-demand authentication tokens. A malicious user with write access to a Flux source or direct access to the target...

9.9CVSS10AI score0.00378EPSS
Exploits0References3
Cvelist
Cvelistadded 2021/11/17 6:26 p.m.14 views

CVE-2021-43979

Styra Open Policy Agent OPA Gatekeeper through 3.7.0 mishandles concurrency, sometimes resulting in incorrect access control. The data replication mechanism allows policies to access the Kubernetes cluster state. During data replication, OPA/Gatekeeper does not wait for the replication to finish...

5.6AI score0.00227EPSS
Exploits0References2
CVE
CVEadded 2021/11/17 6:26 p.m.38 views

CVE-2021-43979

CVE-2021-43979 affects Styra Open Policy Agent (OPA) Gatekeeper up to version 3.7.0. The issue stems from mishandled concurrency during data replication, where OPA/Gatekeeper does not wait for replication to finish before processing requests. This can cause inconsistencies between replicated reso...

5.3CVSS5.2AI score0.00227EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder