Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:golang/k8s.io/kubernetes@1.29.4
Typegolang
Namespacek8s.io
Namekubernetes
Version1.29.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.29.7
Latest_non_vulnerable_version1.34.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-pjvk-1xxm-87d8
vulnerability_id VCID-pjvk-1xxm-87d8
summary 
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3177
reference_id
reference_type
scores
0
value 0.06395
scoring_system epss
scoring_elements 0.91064
published_at 2026-04-26T12:55:00Z
1
value 0.06395
scoring_system epss
scoring_elements 0.91019
published_at 2026-04-09T12:55:00Z
2
value 0.06395
scoring_system epss
scoring_elements 0.91066
published_at 2026-04-24T12:55:00Z
3
value 0.06395
scoring_system epss
scoring_elements 0.91053
published_at 2026-04-21T12:55:00Z
4
value 0.06395
scoring_system epss
scoring_elements 0.9105
published_at 2026-04-18T12:55:00Z
5
value 0.06395
scoring_system epss
scoring_elements 0.91052
published_at 2026-04-16T12:55:00Z
6
value 0.06395
scoring_system epss
scoring_elements 0.91027
published_at 2026-04-13T12:55:00Z
7
value 0.06395
scoring_system epss
scoring_elements 0.90981
published_at 2026-04-02T12:55:00Z
8
value 0.06395
scoring_system epss
scoring_elements 0.90991
published_at 2026-04-04T12:55:00Z
9
value 0.06395
scoring_system epss
scoring_elements 0.91001
published_at 2026-04-07T12:55:00Z
10
value 0.06395
scoring_system epss
scoring_elements 0.91013
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3177
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-pxhw-596r-rwq5
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pxhw-596r-rwq5
5
reference_url https://github.com/kubernetes/kubernetes
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes
6
reference_url https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a
7
reference_url https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2
8
reference_url https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b
9
reference_url https://github.com/kubernetes/kubernetes/issues/124336
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/
url https://github.com/kubernetes/kubernetes/issues/124336
10
reference_url https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/
url https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3177
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3177
14
reference_url https://pkg.go.dev/vuln/GO-2024-2746
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2024-2746
15
reference_url http://www.openwall.com/lists/oss-security/2024/04/16/4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/04/16/4
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2274118
reference_id 2274118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2274118
17
reference_url https://access.redhat.com/errata/RHSA-2024:0043
reference_id RHSA-2024:0043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0043
18
reference_url https://access.redhat.com/errata/RHSA-2024:2054
reference_id RHSA-2024:2054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2054
fixed_packages
0
url pkg:golang/k8s.io/kubernetes@1.27.13
purl pkg:golang/k8s.io/kubernetes@1.27.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/kubernetes@1.27.13
1
url pkg:golang/k8s.io/kubernetes@1.28.9
purl pkg:golang/k8s.io/kubernetes@1.28.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/kubernetes@1.28.9
2
url pkg:golang/k8s.io/kubernetes@1.29.4
purl pkg:golang/k8s.io/kubernetes@1.29.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/kubernetes@1.29.4
aliases CVE-2024-3177, GHSA-pxhw-596r-rwq5
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjvk-1xxm-87d8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:golang/k8s.io/kubernetes@1.29.4