Skip to main content
CVE-2022-45933 CRITICAL POC THREAT Act Now

KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Kubernetes Kubeview
NVD GitHub
CVSS 3.1
9.8
EPSS
51.7%
CVE-2022-43705 CRITICAL Act Now

In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Botan
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy