CVE-2026-10609
- EPSS 0.23%
- Veröffentlicht 23.06.2026 13:26:43
- Zuletzt bearbeitet 08.07.2026 15:10:22
A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those creden...
CVE-2024-0874
- EPSS 0.76%
- Veröffentlicht 25.04.2024 17:15:47
- Zuletzt bearbeitet 15.04.2026 00:35:42
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2024-0193
- EPSS 0.84%
- Veröffentlicht 02.01.2024 18:15:08
- Zuletzt bearbeitet 05.06.2026 00:22:34
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN o...
CVE-2023-4456
- EPSS 0.49%
- Veröffentlicht 21.08.2023 17:15:50
- Zuletzt bearbeitet 21.11.2024 08:35:12
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original ac...