9 matches found
EUVD-2026-36096
Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook...
CVE-2026-49823
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...
CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...
CVE-2026-49823
Summary : CVE-2026-49823 affects Fission (Kubernetes-native serverless framework). Before version 1.24.0, the PackageRef.Namespace in a Fission Function spec was not validated by the admission webhook (unlike Secret/ConfigMap). This allowed cross-namespace access via an unvalidated Package refere...
PT-2026-48505
Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description An issue exists in the Fission serverless framework where the admission webhook fails to validate the namespace for the PackageRef.Namespace reference type. While Secret and ConfigMap reference type...
Fission 访问控制错误漏洞
Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contained a access control vulnerability. This vulnerability stemmed from the lack of namespace validation using the access webhook in the Fission Function specification for...
Malicious Package
Overview shaktihacker2026 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-8550 Malicious code in @malware-test-chiao-tikka-kicks-betel/test-mlw3-chiao-tikka-kicks-betel (npm)
The package @malware-test-chiao-tikka-kicks-betel/test-mlw3-chiao-tikka-kicks-betel was found to contain malicious code...
Solaris Update for telnet 119433-01
Check for the Version of telnet OpenVAS Vulnerability Test Solaris Update for telnet 119433-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...