Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weave weave vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2013-4251
The scipy.weave component in SciPy prior to 0.12.1 creates insecure temporary directories.
Scipy Scipy
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 18
Redhat Enterprise Linux 6.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 8.0
383
VMScore
CVE-2022-31098
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in the logging of Weave GitOps could allow an authenticated remote malicious user to view sensitive cluster configurations,...
Weave Weave Gitops 0.8.1
Weave Weave Gitops
312
VMScore
CVE-2020-11091
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host (v...
Weave Weave Net
NA
CVE-2024-25545
An issue in Weave Weave Desktop v.7.78.10 allows a local malicious user to execute arbitrary code via a crafted script to the nwjs framework component.
NA
CVE-2023-34236
Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote malicious user to view sensiti...
Weave Gitops Terraform Controller
Weave Gitops Terraform Controller 0.15.0
NA
CVE-2022-23509
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communicati...
Weave Weave Gitops
NA
CVE-2022-23508
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in GitOps run could allow a local user or process to alter a Kubernetes cluster's resources. GitOps run has a local S3...
Weave Weave Gitops
NA
CVE-2022-38790
Weave GitOps Enterprise prior to 0.9.0-rc.5 has a cross-site scripting (XSS) bug allowing a malicious user to inject a javascript: link in the UI. When clicked by a victim user, the script will execute with the victim's permission. The exposure appears in Weave GitOps Enterp...
Weave.works Gitops 0.9.0
Weave.works Gitops
NA
CVE-2022-35976
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other...
Weave Gitops Tools
NA
CVE-2022-35975
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage...
Weave Gitops Tools
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2