Cncf Knative Func
By the Year
In 2024 there have been 0 vulnerabilities in Cncf Knative Func . Knative Func did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.40 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Knative Func vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cncf Knative Func Security Vulnerabilities
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions
CVE-2022-41939
7.4 - High
- November 19, 2022
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious `lifecycle` container. This issues has been patched in PR #1442, and is part of release 1.8.1. This issue only affects users who are using function buildpacks from third-parties; pinning the builder image to a specific content-hash with a valid `lifecycle` image will also mitigate the attack.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Linux Foundation Knative Func or by Cncf? Click the Watch button to subscribe.
