14 matches found
EUVD-2022-1057
Malicious code in bioql PyPI...
SUSE CVE-2020-8569
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
NULL Pointer Dereference in Kubernetes CSI snapshot-controller
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
GHSA-HWRR-RHMM-VCVF NULL Pointer Dereference in Kubernetes CSI snapshot-controller
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
CVE-2020-8569
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
CVE-2020-8569
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
Design/Logic Flaw
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
CVE-2020-8569 Kubernetes CSI snapshot-controller DoS
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes...
CVE-2020-8569
CVE-2020-8569 affects the Kubernetes CSI external snapshot-controller when processing a VolumeSnapshot CR that references a non-existent PersistentVolumeClaim and lacks a VolumeSnapshotClass. The root cause is a NULL pointer dereference which can cause the snapshot-controller to crash and, after ...
Kubernetes Code Issues Vulnerabilities
Kubernetes is an open source Docker container cluster management system from the Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scaling up and down for containerized applications. A code issue vulnerability exists in Kubernetes CSI...
Denial Of Service (DoS)
github.com/kubernetes-csi/external-snapshotter is vulnerable to denial of service. A NULL pointer dereference in the snapshot-controller allows an attacker to crash the application via authorized API requests...
CVE-2020-8569
A flaw was found in the Kubernetes snapshot-controller, where it is vulnerable to a denial of service attack via authorized API requests. The snapshot-controller can dereference a NULL pointer when processing a VolumeSnapshot custom resource via an authorized API request with invalid references t...
Kubernetes: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC
Report Submission Form I was asked by Kubernetes Product Security and H1 Employee @turtleshell to open a new report with the same details as report 995699. Summary: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC Kubernetes Version: 1.19 Component Version:...
Kubernetes: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC
Report Submission Form Summary: csi-snapshot-controller crashes when processing VolumeSnapshot with non-existing PVC Kubernetes Version: 1.19 Component Version: snapshot-controller from external-snapshotter repo ver 3.0.0 https://github.com/kubernetes-csi/external-snapshotter/releases/tag/v3.0.0...