| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-34236 | Information Disclosure Vulnerability in Weave GitOps Terraform Controller | weaveworks | tf-controller | High | 8.5 | 2023-07-14 21:09:46 | Deep Dive |
| CVE-2022-23509 | Weave Gitops Run vulnerable to insecure communication | weaveworks | weave-gitops | High | 7.3 | 2023-01-09 13:01:08 | Deep Dive |
| CVE-2022-23508 | GitOps Run allows for Kubernetes workload injection | weaveworks | weave-gitops | High | 8.8 | 2023-01-09 12:56:01 | Deep Dive |
| CVE-2022-35976 | Improper KubeConfig handling allows arbitrary code execution | weaveworks | vscode-gitops-tools | Medium | 5.2 | 2022-08-18 18:50:08 | Deep Dive |
| CVE-2022-35975 | Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode | weaveworks | vscode-gitops-tools | Critical | 9.0 | 2022-08-18 17:55:08 | Deep Dive |
| CVE-2022-31098 | Weave GitOps leaked cluster credentials into logs on connection errors | weaveworks | weave-gitops | Critical | 9.0 | 2022-06-27 22:05:11 | Deep Dive |
| CVE-2020-26278 | Weave Net Pods running in host PID namespace can be used to escalate other Kubernetes vulnerabilities | weaveworks | weave | Medium | 5.8 | 2021-01-20 22:10:18 | Deep Dive |
| CVE-2020-11091 | Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements | weaveworks | Weave | Medium | 5.8 | 2020-06-03 22:55:13 | Deep Dive |