Vulnerabilities > Fluxcd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-22 | CVE-2022-39272 | Improper Validation of Specified Quantity in Input vulnerability in Fluxcd products Flux is an open and extensible continuous delivery solution for Kubernetes. | 4.3 |
| 2022-09-07 | CVE-2022-36049 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. | 7.5 |
| 2022-08-31 | CVE-2022-36035 | Path Traversal vulnerability in Fluxcd Flux2 Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. | 7.8 |
| 2022-05-06 | CVE-2022-24878 | Path Traversal vulnerability in Fluxcd Flux2 Flux is an open and extensible continuous delivery solution for Kubernetes. | 6.5 |
| 2022-05-06 | CVE-2022-24877 | Path Traversal vulnerability in Fluxcd Flux2 Flux is an open and extensible continuous delivery solution for Kubernetes. | 8.8 |
| 2022-05-06 | CVE-2022-24817 | Code Injection vulnerability in Fluxcd Kustomize-Controller Flux2 is an open and extensible continuous delivery solution for Kubernetes. | 9.9 |
| 2021-11-12 | CVE-2021-41254 | OS Command Injection vulnerability in Fluxcd Kustomize-Controller kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. | 8.8 |