Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/09/02 8:0 p.m.10 views

CVE-2025-9276 Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw...

9.8CVSS0.00782EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/02 8:0 p.m.6 views

CVE-2025-9276 Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw...

9.8CVSS6.8AI score0.00782EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/02 12:0 a.m.5 views

Cockroach Labs cockroach-k8s-request-cert 安全漏洞

Cockroach Labs cockroach-k8s-request-cert is a container image from Cockroach Labs, Inc. A security vulnerability exists in Cockroach Labs cockroach-k8s-request-cert, which stems from an empty root password setting and could lead to authentication bypass...

9.8CVSS9.6AI score0.00782EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.7 views

PT-2025-34183

Name of the Vulnerable Software and Affected Versions: Cockroach Labs cockroach-k8s-request-cert affected versions not specified Description: The cockroach-k8s-request-cert component is susceptible to an authentication bypass due to an empty root password. This allows unauthorized access...

9.8CVSS7.3AI score0.00782EPSS
Exploits0References9
OSV
OSV
added 2022/07/29 10:24 p.m.3 views

GHSA-2CPX-6PQP-WF35 fs2-io skips mTLS client verification

Impact When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on Node.js. The JVM TLS implementation is completely...

9.8CVSS5.9AI score0.00629EPSS
Exploits1References7
Rows per page
Query Builder