How severe is CVE-2022-39272?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2022-39272?

This is classified as CWE-1284, which is a common weakness in software security.

CVE-2022-39272 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields `.spec.interval` or `.spec.timeout` (and structured variations of these fields), causing the entire object type to stop being processed. This issue is patched in version 0.35.0. As a workaround, Admission controllers can be employed to restrict the values that can be used for fields `.spec.interval` and `.spec.timeout`, however upgrading to the latest versions is still the recommended mitigation.

Related Vulnerabilities

CVE-2022-0174

MEDIUM

CVSS:4.3(Medium)

Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr.

CWE-12842022

CVE-2024-48290

MEDIUM

CVSS:4.3(Medium)

An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ll_terminate_ind packet.

CWE-12842024

CVE-2024-8558

MEDIUM

CVSS:4.3(Medium)

A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the comp...

CWE-12842024

CVE-2024-0111

MEDIUM

CVSS:4.4(Medium)

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerabili...

CWE-12842024

CVE-2022-0414

MEDIUM

CVSS:4.1(Medium)

Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0.

CWE-12842022

CVE-2023-0194

MEDIUM

CVSS:4.6(Medium)

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service.

CWE-12842023