| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| k8s.io/kubernetes | go | < 1.27.13 | 1.27.13 |
| k8s.io/kubernetes | go | >= 1.29.0, <= 1.29.3 | 1.29.4 |
| k8s.io/kubernetes | go | >= 1.28.0, <= 1.28.8 | 1.28.9 |

The vulnerability stems from missing validation of envFrom.secretRef fields in three container types. The patch adds validation loops for envFrom in: