Lucene search
K

10 matches found

NVD
NVD
added 2026/06/01 3:16 p.m.15 views

CVE-2026-10533

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 1:19 p.m.13 views

EUVD-2026-33641

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 1:19 p.m.31 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.13 views

PT-2026-45429

Name of the Vulnerable Software and Affected Versions OpenShift Container Platform affected versions not specified Description A flaw exists where completed pods with restartPolicy: Never are not counted toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged...

5CVSS5.4AI score0.0023EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Red Hat OpenShift Container Platform 安全漏洞

Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container Platform...

5CVSS5.4AI score0.0023EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/01/25 12:31 p.m.3 views

openstack-neutron: unrestricted creation of security groups

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

6.5CVSS5.8AI score0.01056EPSS
Exploits0References5
OSV
OSV
added 2022/12/05 11:8 p.m.25 views

GHSA-X45C-CVP8-Q4FM Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule implements a multi-tenant and policy-based environment in a Kubernetes cluster. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operato...

8.8CVSS8.6AI score0.00861EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/12/05 11:8 p.m.40 views

Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule implements a multi-tenant and policy-based environment in a Kubernetes cluster. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operato...

8.8CVSS8.3AI score0.00861EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2022/12/02 6:22 p.m.38 views

CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...

8.8CVSS8.9AI score0.00861EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/02 12:0 a.m.11 views

PT-2022-27782 · Capsule · Capsule

Name of the Vulnerable Software and Affected Versions: Capsule versions prior to 0.1.3 Description: Capsule is a multi-tenancy and policy-based framework for Kubernetes. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it...

8.8CVSS7.1AI score0.00861EPSS
Exploits0References10
Rows per page
Query Builder