Vulnerabilidades en weaveworks
8 resultadosCVE-2022-31098CRITICALWeave GitOps leaked cluster credentials into logs on connection errorsEPSS 1.1%CVE-2022-35975CRITICALImproper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCodeEPSS 1.1%CVE-2020-11091MEDIUMWeave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisementsEPSS 0.9%CVE-2020-26278MEDIUMWeave Net Pods running in host PID namespace can be used to escalate other Kubernetes vulnerabilitiesEPSS 0.7%CVE-2023-34236HIGHInformation Disclosure Vulnerability in Weave GitOps Terraform ControllerEPSS 0.7%CVE-2022-35976MEDIUMImproper KubeConfig handling allows arbitrary code executionEPSS 0.4%CVE-2022-23508HIGHGitOps Run allows for Kubernetes workload injectionEPSS 0.3%CVE-2022-23509HIGHWeave Gitops Run vulnerable to insecure communicationEPSS 0.2%