CUPS: Unraveling a Critical Vulnerability Chain in Unix Printing Systems

A series of critical vulnerabilities has been uncovered in the Common Unix Printing System (CUPS),...

CVE-2024-7646
Ingress-NGINX Annotation Validation Bypass

A Kubernetes vulnerability that demands immediate attention from security professionals and DevOps teams. CVE-2024-7646 affects the...

XZ vulnerability
CVE-2024-3094

March 29, 2024 – Red Hat disclosed CVE-2024-3094 (a.k.a. the XZ vulnerability), scoring a critical CVSS rating of 10. Stemming...

Kubelet vulnerabilities on Windows nodes
CVE-2023-3676, CVE-2023-3955 and CVE-2023-3893

Aug 23, 2023 – The Kubernetes Security Response Committee disclosed three interrelated vulnerabilities affecting the...

Kyverno’s container image signature verification can be bypassed
CVE-2022-47633

Dec 21, 2022 – The vulnerability enables an attacker who is either running a malicious...

Unauthorized access to arbitrary endpoints in Grafana codebase
CVE-2022-39328

Nov 11, 2022 – Grafana Labs published a security advisory for a new critical vulnerability...

kube-apiserver vulnerability
CVE-2022-3172 

Sep 19, 2022 – A new vulnerability was reported on Sep 16th in kube-apiserver that...

Arbitrary Host File Access from containers launched by containerd CRI
CVE-2022-23648

Mar 29, 2022 – A vulnerability in containerd, a popular container runtime, allows especially containers to...

Log4Shell Vulnerability
CVE-2021-44228

Dec 12, 2021 – Kubernetes is written in Go, so it is not directly affected, but applications running...

Symlink vulnerability
CVE-2021-25741

Sep 20, 2021 – A HIGH severity Kubernetes vulnerability in which users may be able to...
