CVE-2026-45760

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

Aiven Operator 安全漏洞

Aiven Operator is an open-source Kubernetes cluster management service developed by Aiven. Versions of Aiven Operator from 0.31.0 to 0.37.0 contained a security vulnerability. This vulnerability stemmed from the operator trusting the namespace values provided by users without verification. As a...

GO-2024-3109 The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator

The Bare Metal Operator BMO can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator...

3: s2i builds implicitly perform docker builds

A flaw was found in OpenShift Enterprise when multi-tenant SDN is enabled and a build is run within a namespace that would normally be isolated from pods in other namespaces. If an s2i build is run in such an environment the container being built can access network resources on pods that should n...