-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability stemmed from missing validation checks in CSI provisioning operations. Key issues identified in patches:
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/kubernetes-csi/external-provisioner | go | < 0.4.3 | 0.4.3 |
| github.com/kubernetes-csi/external-provisioner | go | >= 1.0.0, < 1.0.2 | 1.0.2 |
| github.com/kubernetes-csi/external-provisioner | go | = 1.1 | |
| github.com/kubernetes-csi/external-provisioner | go | >= 1.2.0, < 1.2.2 | 1.2.2 |
| github.com/kubernetes-csi/external-provisioner | go | >= 1.3.0, < 1.3.1 | 1.3.1 |
| github.com/kubernetes-csi/external-snapshotter/v6 | go | >= 1.0.0, < 1.0.2 | 1.0.2 |
| github.com/kubernetes-csi/external-snapshotter/v6 | go | = 1.1 | |
| github.com/kubernetes-csi/external-snapshotter/v6 | go | >= 1.2.0, < 1.2.2 | 1.2.2 |
| github.com/kubernetes-csi/external-resizer | go | = 0.1 | |
| github.com/kubernetes-csi/external-resizer | go | = 0.2 |
GoGo