Spinnaker@* Security Vulnerabilities and Issues — Spinnaker@* CVE List

Lucene search

LinuxfoundationSpinnaker*

2 matches found

CVE•added 2022/01/04 6:15 p.m.•55 views

CVE-2021-39143

Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don't override system f...

7.1CVSS6.6AI score0.00088EPSS

CVE•added 2022/01/04 8:15 p.m.•37 views

CVE-2021-43832

Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users haven't setup Role-base...

10CVSS9.7AI score0.01815EPSS