SUSE CVE-2025-59358

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

PT-2022-26109 · Ez Systems · Ezplatform-Graphql

Name of the Vulnerable Software and Affected Versions: ezplatform-graphql versions prior to 1.0.13 ezplatform-graphql versions prior to 2.3.12 Description: The issue concerns the exposure of password hashes of users who have created or modified content, typically administrators and editors, throu...