VDB
CVE-2022-36049
CVE-2022-36049
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Flux2 Helm Controller denial of service
EPSS 0.57% · 69.0th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.57%
69.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | flux | 0.0.17, 0.0.17, 0.0.17 |
| Bitnami | flux | 0.0.17 |
| Bitnami | helm | 3.0.0, 3.0.0, 3.0.0 |
| Bitnami | helm | 3.0.0 |
Exploit Intelligence
- https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3 (circl)
- https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh (circl)
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996 (circl)
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360 (circl)
- go_dos.json (github-poc)
- go_dos.json (github-poc)
- go_dos.json (github-poc)
- go_dos.json (github-poc)
- go_dos.json (github-poc)
- go_dos.json (github-poc)
Timeline
- Sep 7, 2022 CVE Published
- Sep 8, 2022 EPSS Score
- Oct 23, 2022 EPSS Score
- Dec 7, 2022 EPSS Score
- Jan 22, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 8, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
- Jun 6, 2023 EPSS Score
- Jul 21, 2023 EPSS Score
- Sep 4, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996 url
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360 url
- https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3 url
- https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh url
- https://nvd.nist.gov/vuln/detail/CVE-2022-36049 url