Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
flux2 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-24877
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege...
Fluxcd Flux2
Fluxcd Kustomize-controller
6.5
CVSSv3
CVE-2022-24878
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the...
Fluxcd Flux2
Fluxcd Kustomize-controller
9.9
CVSSv3
CVE-2022-24817
Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy...
Fluxcd Kustomize-controller
Fluxcd Helm-controller
Fluxcd Flux2
8.8
CVSSv3
CVE-2021-41254
kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. Users that can create Kubernetes Secrets, Service Accounts and Flux Kustomization...
Fluxcd Kustomize-controller
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-31805
dos
CVE-2022-26727
CVE-2022-26712
CVE-2022-1529
CVE-2022-20807
template injection
CVE-2022-26690
cross-site scripting
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon