Source |
CVE Liste |
Identifiant |
5135354 |
Date de publication |
2022-06-13 16:15:08 (vue: 2022-06-13 19:07:53) |
Titre |
CVE-2022-31055 |
Texte |
kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect. |
Envoyé |
Oui |
Condensat |
2022 31055 `kctf `public: allowed any based been broken can capture chal challenges cluster competitions connect ctf cve debug false` flag forward` from has infrastructure kctf kubernetes mark patched port prior privately problem ranges set src test them those traffic use version want who workaround |
Tags |
|
Stories |
Uber
|
Notes |
|
Move |
|