14 matches found
EUVD-2025-16305
Malicious code in bioql PyPI...
CVE-2025-5198
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...
CVE-2025-5198
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...
CVE-2025-5198 Stackrox: xss in stackrox
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...
CVE-2025-5198 Stackrox: xss in stackrox
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...
CVE-2025-5198
CVE-2025-5198 describes a Cross-site Scripting (XSS) flaw in Stackrox where the vulnerability can be triggered if script code is placed in a small subset of table cells, specifically when contained in the name of a Kubernetes “Role” object applied to a secured cluster. The exploit would require c...
PT-2025-23036 · Stackrox · Stackrox
Name of the Vulnerable Software and Affected Versions: Stackrox affected versions not specified Description: A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the...
StackRox Kubernetes Security Platform 跨站脚本漏洞
StackRox Kubernetes Security Platform is an open source security platform from StackRox. A cross-site scripting vulnerability exists in StackRox Kubernetes Security Platform that stems from a possible cross-site scripting attack via Kubernetes Role...
CVE-2023-4958 Stackrox: missing http security headers allows for clickjacking in web ui
In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...
Red Hat stackrox Security Vulnerabilities
Red Hat stackrox is a full lifecycle Kubernetes security solution from Red Hat. It allows you to detect, manage, and mitigate security risks, such as misconfigurations, and vulnerabilities CVEs. A security vulnerability exists in Red Hat stackrox that stems from a missing HTTP header, leading to ...
Important: Red Hat Security Advisory: RHACS 3.70 security update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...
Important: Red Hat Security Advisory: RHACS 3.69 security update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...
Important: Red Hat Security Advisory: RHACS 3.68 security update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...
Red Hat stackrox 安全漏洞
Red Hat stackrox is a full lifecycle Kubernetes security solution from Red Hat. It allows you to detect, manage, and mitigate security risks, such as misconfigurations, and vulnerabilities CVEs. A security vulnerability exists in Red Hat stackrox that stems from improper stackrox cleanup. An...