3 matches found
Kyverno 安全漏洞
Kyverno is a policy engine designed for Kubernetes that is open sourced by Kyverno. A security vulnerability exists in Kyverno versions prior to 1.10.0, which stems from a resource in the deletionTimestamp field that can bypass validation, generate or change an existing policy...
Counterparty-exchange owner may alter policy manager in execution callback, altering the price of subsequent order matching
Lines of code Vulnerability details Impact In the context of bulkExecute, with a sqeuence of executions requested, transferring ETH, ERC721 or ERC1155 may result in a hook/callback to a counterparty on receipt of ETH or one of these tokens. If this counterparty is also the exchange owner, or is...
Privilege escalation
Privilege escalation by using an altered debug policy image can occur as the XPU protecting the debug policy regions are disabled during the crash dump boot flow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...