Most recent sightings.

https://db.gcve.eu/sightings/feed Most recent sightings. 2026-04-30T23:25:57.289711+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/2e16af89-b21c-41f5-8452-e342247467a8/export 2e16af89-b21c-41f5-8452-e342247467a8 2026-04-30T23:25:57.669457+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2e16af89-b21c-41f5-8452-e342247467a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-hcr5-wv4p-h2g2", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113913498919897595", "content": "", "creation_timestamp": "2025-01-29T20:20:51.993567Z"} 2025-01-29T20:20:51.993567+00:00 https://db.gcve.eu/sighting/6152ca2d-0ff4-40df-a635-892c0ede6b18/export 6152ca2d-0ff4-40df-a635-892c0ede6b18 2026-04-30T23:25:57.667637+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "6152ca2d-0ff4-40df-a635-892c0ede6b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-HCR5-WV4P-H2G2", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-hcr5-wv4p-h2g2\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ### Impact\nIf the \"full-elastic-stack\" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages.\n\n### Patches\nThe example has been updated to fix this in commit db1aa5b867256b0a7bf206544c6981ab068b73dc\n\n\n### Workarounds\nReplace \n```yaml\n\n if .request.requestKind.kind == \"Secret\" {\n del(.request.object.data)\n .request.object.data.redacted = \"REDACTED\"\n del(.request.oldObject.data)\n .request.oldObject.data.redacted = \"REDACTED\"\n }\n```\nIn the vector \"audit-files-json-parser-and-redaction\" step\nwith\n```yaml\n\n if .request.requestKind.kind == \"Secret\" {\n # Redact the secret data\n del(.request.object.data)\n .request.object.data.redacted = \"REDACTED\"\n del(.request.oldObject.data)\n .request.oldObject.data.redacted = \"REDACTED\"\n # Remove the previously set secret data - Not bothering to parse it as this annotation shouldn't ever be needed\n del(.request.object.metadata.annotations.[\"kubectl.kubernetes.io/last-applied-configuration\"])\n del(.request.oldObject.metadata.annotations.[\"kubectl.kubernetes.io/last-applied-configuration\"])\n }\n```\n\ud83d\udccf Published: 2025-01-29T20:47:51Z\n\ud83d\udccf Modified: 2025-01-29T20:47:51Z\n\ud83d\udd17 References:\n1. https://github.com/RichardoC/kube-audit-rest/security/advisories/GHSA-hcr5-wv4p-h2g2\n2. https://github.com/RichardoC/kube-audit-rest/commit/db1aa5b867256b0a7bf206544c6981ab068b73dc\n3. https://github.com/RichardoC/kube-audit-rest", "creation_timestamp": "2025-01-29T21:11:10.000000Z"} 2025-01-29T21:11:10+00:00