GHSA-RGGM-JJMC-3394 Kyverno has SSRF via CEL http.Get/http.Post in NamespacedValidatingPolicy allows cross-namespace data access

Summary A Server-Side Request Forgery SSRF vulnerability in Kyverno's CEL HTTP library pkg/cel/libs/http/ allows users with namespace-scoped policy creation permissions to make arbitrary HTTP requests from the Kyverno admission controller. This enables unauthorized access to internal services in...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CEL-based HTTP functions. An attacker can make unauthorized network requests to internal or external resources and exfitrate sensitive information AWS IAM credentials, GCP tokens by crafting...

NodeShield: Runtime Enforcement of Security-Enhanced SBOMs for Node.Js

The software supply chain is an increasingly common attack vector for malicious actors. The Node.js ecosystem has been subject to a wide array of attacks, likely due to its size and prevalence. To counter such attacks, the research community and practitioners have proposed a range of static and...

Linux Distros Unpatched Vulnerability : CVE-2016-4972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient...