CVE-2022-31055

by Fred · 13/06/2022

kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.

Date published : 2022-06-13

https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5

https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202

CVE-2022-31055

Similar

Recent Posts

Categories

CVE-2022-31055

Share this:

Similar

Recent Posts

Categories

Tags