9 matches found
Talos Linux has a local privilege escalation from untrusted workloads
Summary A vulnerability in the Linux kernel's algifaead subsystem CVE-2026-31431, "copy.fail" allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AFALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...
GO-2022-0278 Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux in github.com/containerd/containerd
Unprivileged pod using hostPath can side-step active LSM when it is SELinux in github.com/containerd/containerd...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.5 security update
An update is now available for Red Hat OpenShift GitOps v1.11.5 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A...
Missing Default Authentication
Argo CD is vulnerable to Missing Default Authentication. The vulnerability is due to the default lack of password protection in redis, allowing attackers with access to an unprivileged pod to connect to the Redis server to gain read/write access, modify the "mfst" manifest key to execute...
CVE-2024-31989
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...
PT-2024-5047 · Argo Cd +1 · Argo Cd +1
Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.8.19 Argo CD versions prior to 2.9.15 Argo CD versions prior to 2.10.10 Description: The issue concerns an unprivileged pod in a different namespace on the same cluster being able to connect to the Redis server on...
MGASA-2022-0071 Updated docker-containerd packages fix security vulnerability
Unprivileged pod may bind mount any privileged regular file on disk CVE-2021-43816...
Updated docker-containerd packages fix security vulnerability
Unprivileged pod may bind mount any privileged regular file on disk CVE-2021-43816...
Mageia: Security Advisory (MGASA-2022-0071)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...