3 matches found
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/share/utils to version...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/rest to...
PT-2025-43268
Name of the Vulnerable Software and Affected Versions NeuVector versions prior to 5.4.7 Description A critical issue exists in NeuVector where the enforcer component improperly handles environment variables CLUSTER RPC PORT and CLUSTER LAN PORT. These variables are used to construct shell command...