3 matches found
Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component
Summary Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows...
GHSA-47M2-4CR7-MHCW vulnerabilities
Vulnerabilities for packages: ipfs-cluster, q, kubernetes-dns-node-cache, kubo, kargo, spegel, kyverno-policy-reporter-ui, dkron, k3s, traefik, caddy, teleport, frp, k8sgateway...
CVE-2025-59530 vulnerabilities
Vulnerabilities for packages: syncthing, coredns, eks-distro, traefik-fips, caddy, kubernetes-dns-node-cache, teleport, frp, dkron, kyverno-policy-reporter-ui, traefik, ipfs-cluster, spegel-fips, k8sgateway-fips, coredns-fips, kubernetes-dns-node-cache-fips, kubo-fips, spegel, caddy-fips,...