Veracode Vulnerability DatabaseVERACODE:37681Denial Of Service (DoS)
EPSS
Percentile
32.8%
github.com/fluxcd is vulnerable to Denial of Service. The vulnerability exists due to the lack of data fields validation in the metav1.Duration parameter in multiple fluxcd repositories which allows an attacker to cause an application crash.
References
github.com/fluxcd/flux2/security/advisories/GHSA-f4p5-x4vc-mh4v
github.com/fluxcd/helm-controller/commit/54aee36b3a9adaade8625965604b5d941f63dcd3
github.com/fluxcd/image-automation-controller/commit/456b48a9094f7f3f8690d2444a858faf0b824f7a
github.com/fluxcd/image-reflector-controller/commit/af69da1c952e4d2b481ba520c383999cf526d76d
github.com/fluxcd/kustomize-controller/commit/21d02283ecc1c92416c6e646bb6f456eef5e8d94
github.com/fluxcd/notification-controller/commit/b225c7718500a3a0649242b8ce7dd50a8ec1f276
github.com/fluxcd/source-controller/commit/27f4ed5a472d1bd5b6bc7a62189f20c115338b3a
github.com/kubernetes/apimachinery/issues/131
Related
