Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
WeaveGitops Tools

2 matches found

CVE
CVEadded 2022/08/18 6:50 p.m.76 views

CVE-2022-35976

The CVE concerns the GitOps Tools Extension for VSCode, which uses kubeconfigs to talk to Kubernetes clusters. A specially crafted kubeconfig can cause arbitrary code execution under the user running VSCode. Affected users are those with kubeconfigs generated or altered by other processes/users; ...

9.8CVSS7.8AI score0.00363EPSS
CVE
CVEadded 2022/08/18 5:55 p.m.74 views

CVE-2022-35975

CVE-2022-35975 affects the GitOps Tools Extension for VSCode. A specially crafted Flux object can cause remote code execution on the machine running VSCode in the context of the user, impacting users managing clusters shared among multiple users. The issue is described as improper object validati...

9.8CVSS9.6AI score0.01255EPSS