3 matches found
Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component
Summary Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows...
GHSA-47M2-4CR7-MHCW vulnerabilities
Vulnerabilities for packages: kubernetes-dns-node-cache, q, teleport, k8sgateway, traefik, kyverno-policy-reporter-ui, frp, caddy, kubo, k3s, spegel, kargo, dkron, ipfs-cluster...
CVE-2025-59530 vulnerabilities
Vulnerabilities for packages: dkron, syncthing-fips, spegel, coredns-fips, kubernetes-dns-node-cache, kubernetes-dns-node-cache-fips, eks-distro-fips, spegel-fips, ipfs-cluster, kyverno-policy-reporter-ui-fips, eks-distro, k8sgateway-fips, rke2-runtime, syncthing, caddy-fips, q, traefik, kubo-fip...