I hope this message finds you well. I am writing to bring to your attention some critical vulnerability issues that we have identified in Emissary CRDs. These vulnerabilities pose significant risks to the security and integrity of our systems, and we believe it is imperative to address them promptly.
Through the use of the KICS tool (https://docs.kics.io/latest/getting-started/), we have identified several vulnerabilities within Emissary CRDs, including but not limited to:
,
Privilege escalation allowed
Containers running as root
NET_RAW capabilities not being dropped
Seccomp profile not configured
No drop capabilities for containers
Containers running with low UID
Service account token automount not disabled
RBAC wildcard in rule
Deployment without PodDisruptionBudget
These vulnerabilities expose our systems to potential attacks, data breaches, and other security risks. Therefore, we urge the Emissary community to prioritize addressing these issues and releasing patches or updates to mitigate the risks associated with them.
We understand that ensuring the security of software is a collaborative effort, and we are committed to assisting in any way we can to resolve these vulnerabilities. We would appreciate timely communication from the Emissary community regarding the steps being taken to address these issues and any guidance on best practices for mitigating these vulnerabilities in the interim.
Thank you for your attention to this matter. We are seeking your support and guidance to ensure the continued security and reliability of Emissary CRDs.Best regards,
Here is the report generated after KICS Scan tool run on our directory, and file with path ../../path/one-time-setup/emissary-crds.yaml are the vulnerabilities related to emissary-crds .
I hope this message finds you well. I am writing to bring to your attention some critical vulnerability issues that we have identified in Emissary CRDs. These vulnerabilities pose significant risks to the security and integrity of our systems, and we believe it is imperative to address them promptly.
Through the use of the KICS tool (https://docs.kics.io/latest/getting-started/), we have identified several vulnerabilities within Emissary CRDs, including but not limited to: ,
These vulnerabilities expose our systems to potential attacks, data breaches, and other security risks. Therefore, we urge the Emissary community to prioritize addressing these issues and releasing patches or updates to mitigate the risks associated with them. We understand that ensuring the security of software is a collaborative effort, and we are committed to assisting in any way we can to resolve these vulnerabilities. We would appreciate timely communication from the Emissary community regarding the steps being taken to address these issues and any guidance on best practices for mitigating these vulnerabilities in the interim. Thank you for your attention to this matter. We are seeking your support and guidance to ensure the continued security and reliability of Emissary CRDs.Best regards,
Here is the report generated after KICS Scan tool run on our directory, and file with path
../../path/one-time-setup/emissary-crds.yamlare the vulnerabilities related to emissary-crds .results.json