Skip to main content

Helm Controller

3 CVEs product

Monthly

CVE-2022-39272 Go MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Denial Of Service Flux2 Helm Controller Image Automation Controller +4
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-36049 Go HIGH PATCH This Week

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Helm Flux2 Helm Controller
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-24817 Go CRITICAL PATCH Act Now

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Privilege Escalation Kubernetes RCE Code Injection Flux2 +2
NVD GitHub
CVSS 3.1
9.9
EPSS
1.0%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Flux is an open and extensible continuous delivery solution for Kubernetes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Denial Of Service Flux2 +6
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Helm +2
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL PATCH Act Now

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Privilege Escalation Kubernetes RCE +4
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy