CVE-2026-32768
- EPSS 0.05%
- Veröffentlicht 20.03.2026 05:30:07
- Zuletzt bearbeitet 08.04.2026 20:49:11
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This break...
CVE-2025-53634
- EPSS 0.16%
- Veröffentlicht 10.07.2025 19:39:57
- Zuletzt bearbeitet 14.08.2025 20:41:40
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service (DoS). Exploitation does not ...
CVE-2025-53633
- EPSS 0.14%
- Veröffentlicht 10.07.2025 19:38:19
- Zuletzt bearbeitet 14.08.2025 20:44:46
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation do...
CVE-2025-53632
- EPSS 0.06%
- Veröffentlicht 10.07.2025 19:36:47
- Zuletzt bearbeitet 14.08.2025 20:49:48
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require a...