Fluxcd Flux2
6 CVEs affecting Fluxcd Flux2. Latest disclosed: 2022-10-22. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-24877 | Critical | 9.9 | 2022-05-06 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` all… |
CVE-2022-24817 | Critical | 9.9 | 2022-05-06 | Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kus… |
CVE-2022-36049 | High | 7.7 | 2022-09-07 | Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to d… |
CVE-2022-36035 | High | 7.7 | 2022-08-31 | Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when ther… |
CVE-2022-24878 | High | 7.7 | 2022-05-06 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` all… |
CVE-2022-39272 | Medium | 5.0 | 2022-10-22 | Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permis… |