
6 matches found

OSV
added 2025/04/21 10:51 p.m. | 12 views

GHSA-7M6V-Q233-Q9J9 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

Prevent token leakage / privilege escalation MinIO Operator STS: A Quick Overview MinIO Operator STS is a native IAM Authentication for Kubernetes. MinIO Operator offers support for Secure Tokens a.k.a. STS which are a form of temporary access credentials for your MinIO Tenant. In essence, this...

CVSS 6.9 | AI score 7.6 | EPSS 0.0054
Exploits: 0 | References: 5
CVE
added 2025/04/02 11:7 a.m. | 115 views

CVE-2025-2786

CVE-2025-2786 affects Grafana Tempo Operator. A flaw during TempoStack/TempoMonolithic deployment creates a ServiceAccount, ClusterRole, and ClusterRoleBinding, enabling a user with full access to their namespace to extract the ServiceAccount token and use TokenReview and SubjectAccessReview requ...

CVSS 4.3 | AI score 7 | EPSS 0.00295
Exploits: 0 | References: 5
Veracode
added 2023/11/27 7:18 a.m. | 20 views

Improper Authentication

github.com/projectcapsule/capsule-proxy and github.com/clastix/capsule-proxy are vulnerable to Improper Authentication. The vulnerability is caused by a missing check if the user is authenticated based on the TokenReview result in capsule-proxy capsule operator project. An attacker can bypass the...

CVSS 9.8 | AI score 6.9 | EPSS 0.00574
Exploits: 1 | References: 2 | Affected Software: 2
Cvelist
added 2023/11/24 5:12 p.m. | 42 views

CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy

capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...

CVSS 9.8 | AI score 9.7 | EPSS 0.00574
Exploits: 1 | References: 2
OSV
added 2023/11/24 5:12 p.m. | 26 views

CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy

capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...

CVSS 9.8 | AI score 9.1 | EPSS 0.00574
Exploits: 1 | References: 4
Github Security Blog
added 2023/11/24 4:53 p.m. | 35 views

Capsule Proxy Authentication bypass using an empty token

The privilege escalation is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API Server setting disabled (set to false) are affected since it would be possible to bypass the token review mechanism,...

CVSS 9.8 | AI score 7.3 | EPSS 0.00574
Exploits: 1 | References: 4 | Affected Software: 2