3 matches found
melange 路径遍历漏洞
Melange is a software developed by Chainguard for building APKs from source code. Versions of Melange from 0.32.0 to 0.43.4 had a path traversal vulnerability. This vulnerability stemmed from insufficient validation of the pipeline.uses parameter, allowing attackers to read arbitrary YAML files a...
EUVD-2020-0448
Malware in sbrugna...
The vulnerability of the application deployment automation tool in Kubernetes ArgoCD, related to writing beyond the buffer in memory, allows a malicious actor to write or modify any YAML file.
The vulnerability of the Kubernetes ArgoCD application deployment automation tool relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to write or modify any YAML file...