CNNVD-202510-3482 Information
CNNVD ID
CNNVD-202510-3482
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
Always Encrypted Kubernetes是Edgeless Systems开源的一个容器加密软件。 Always Encrypted Kubernetes 2.24.0之前版本存在数据伪造问题漏洞,该漏洞源于不安全处理空密钥槽算法,可能导致未加密存储卷。
Description (English)
Always Encrypted Kubernetes is a container encryption software that is open to Edgeless Systems. Before the Always Encrypted Kubernetes 2.24.0, there was a loophole in data forgery, which stemmed from the unsafe handling of empty key slot algorithms, which could lead to unencrypted storage volumes.
Hazard Level
High
Vulnerability Type
数据伪造问题
Affected Vendor
Edgeless Systems
Published
2025-10-27
Last Modified
2026-02-24
References
https://github.com/edgelesssys/constellation/releases/tag/v2.24.0 https://github.com/edgelesssys/constellation/pull/3927 https://github.com/edgelesssys/constellation/security/advisories/GHSA-hq76-6gh2-5g4q https://access.redhat.com/security/cve/cve-2025-58356
Patch
https://github.com/edgelesssys/constellation/releases/tag/v2.24.0
Share on: