All 6 CVE vulnerabilities found in flux2, with AI-generated Chinese analysis, references, and POCs.
Vendor: fluxcd
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-39272 | Flux2 vulnerable to Denial of Service due to Improper use of metav1.Duration CWE-1284 | 5.0 | Medium | 2022-10-21 |
| CVE-2022-36049 | Flux2 Helm Controller denial of service CWE-400 | 7.7 | High | 2022-09-07 |
| CVE-2022-36035 | Flux CLI Workload Injection CWE-22 | 7.7 | High | 2022-08-31 |
| CVE-2022-24878 | Improper path handling in Kustomization files allows for denial of service CWE-22 | 7.7 | High | 2022-05-06 |
| CVE-2022-24877 | Improper path handling in kustomization files allows path traversal CWE-22 | 9.9 | Critical | 2022-05-06 |
| CVE-2022-24817 | Improper kubeconfig validation allows arbitrary code execution CWE-94 | 9.9 | Critical | 2022-05-06 |
All 6 known CVE vulnerabilities affecting flux2 with full Chinese analysis, references, and POCs where available.