Skip to main content

Flux2

6 CVEs product

Monthly

CVE-2022-39272 Go MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Denial Of Service Flux2 Helm Controller Image Automation Controller +4
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-36049 Go HIGH PATCH This Week

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Helm Flux2 Helm Controller
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-36035 Go HIGH PATCH This Week

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Kubernetes Path Traversal Flux2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24878 Go MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Kubernetes Path Traversal Flux2 Kustomize Controller
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-24877 Go HIGH PATCH This Week

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Kubernetes Information Disclosure Path Traversal Flux2 +1
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-24817 Go CRITICAL PATCH Act Now

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Privilege Escalation Kubernetes RCE Code Injection Flux2 +2
NVD GitHub
CVSS 3.1
9.9
EPSS
1.0%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Denial Of Service Flux2 +6
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Helm +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Kubernetes Path Traversal Flux2
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Kubernetes Path Traversal +2
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Kubernetes Information Disclosure +3
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL PATCH Act Now

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Privilege Escalation Kubernetes RCE +4
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy