Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/01 7:34 a.m.36 views

CVE-2026-49298 Apache Airflow: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

0.00489EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.18 views

PT-2025-12359

Name of the Vulnerable Software and Affected Versions Kubernetes affected versions not specified Description A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in...

3.1CVSS6.6AI score0.00301EPSS
Exploits0References176
ATTACKERKB
ATTACKERKB
added 2022/04/20 4:15 p.m.7 views

CVE-2022-0567

A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in...

9.1CVSS7.7AI score0.01001EPSS
Exploits0References2
CNVD
CNVD
added 2020/03/19 12:0 a.m.3 views

ONAP Service Design and Creation Code Injection Vulnerability (CNVD-2020-24670)

ONAP Service Design and Creation SDC is a set of visual modeling and design tools for the ONAP project. A code injection vulnerability exists in previous versions of ONAP SDNC Dublin. An attacker can exploit this vulnerability to execute arbitrary code by accessing port 4000 of the demo-sdc-sdc-b...

9.8CVSS8.1AI score0.02065EPSS
Exploits1
Rows per page
Query Builder