Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Image\-Automation\-Controller
(Fluxcd)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-22 | CVE-2022-39272 | Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields `.spec.interval` or `.spec.timeout` (and structured variations of these fields), causing the entire object type to stop being processed. This issue is patched in version 0.35.0. As a workaround, Admission... | Flux2, Helm\-Controller, Image\-Automation\-Controller, Image\-Reflector\-Controller, Kustomize\-Controller, Notification\-Controller, Source\-Controller | 4.3 |