9 matches found

Github Security Blog
added 2026/05/07 2:38 a.m. · 13 views

Talos Linux has a local privilege escalation from untrusted workloads

Summary: A vulnerability in the Linux kernel's algif_aead subsystem (CVE-2026-31431, "copy.fail") allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AF_ALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...

CVSS 7.8 · AI score 8 · EPSS 0.96267
Exploits 228 · References 6 · Affected Software 1
OSV
added 2024/08/21 2:30 p.m. · 17 views

GO-2022-0278 Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux in github.com/containerd/containerd

Unprivileged pod using hostPath can side-step active LSM when it is SELinux in github.com/containerd/containerd...

CVSS 9.1 · AI score 9.1 · EPSS 0.0169
Exploits 1 · References 7
RedHat Linux
added 2024/05/29 5:45 p.m. · 46 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.5 security update

An update is now available for Red Hat OpenShift GitOps v1.11.5 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A...

CVSS 9 · AI score 7.3 · EPSS 0.01479
Exploits 2 · References 2
Veracode
added 2024/05/24 6:38 a.m. · 18 views

Missing Default Authentication

Argo CD is vulnerable to Missing Default Authentication. The vulnerability is due to the default lack of password protection in redis, allowing attackers with access to an unprivileged pod to connect to the Redis server to gain read/write access, modify the "mfst" manifest key to execute...

CVSS 9 · AI score 7.1 · EPSS 0.01479
Exploits 2 · References 10 · Affected Software 1
NVD
added 2024/05/21 7:15 p.m. · 16 views

CVE-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

CVSS 9 · AI score 9 · EPSS 0.01479
Exploits 2 · References 9
Positive Technologies
added 2024/05/21 12:0 a.m. · 8 views

PT-2024-5047 · Argo Cd +1 · Argo Cd +1

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.8.19; Argo CD versions prior to 2.9.15; Argo CD versions prior to 2.10.10. Description: The issue concerns an unprivileged pod in a different namespace on the same cluster being able to connect to the Redis server on...

CVSS 9 · AI score 6.9 · EPSS 0.01479
Exploits 2 · References 23
OSV
added 2022/02/18 12:14 a.m. · 10 views

MGASA-2022-0071 Updated docker-containerd packages fix security vulnerability

Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)...

CVSS 9.1 · AI score 9.2 · EPSS 0.0169
Exploits 1 · References 3
Mageia
added 2022/02/18 12:14 a.m. · 39 views

Updated docker-containerd packages fix security vulnerability

Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)...

CVSS 9.1 · AI score 3.1 · EPSS 0.0169
Exploits 1 · References 2
OpenVAS
added 2022/02/18 12:0 a.m. · 26 views

Mageia: Security Advisory (MGASA-2022-0071)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.1 · AI score 9.3 · EPSS 0.0169
Exploits 1 · References 4