6 matches found
Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.16 / 2.346.4.1 Multiple Vulnerabilities (CloudBees Security Advisory 2022-08-27)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.16, or 2.x prior to 2.346.4.1. It is, therefore, affected by multiple vulnerabilities, including the following: - Loading specially-crafted yaml with the Kubernetes Java...
cn.dustlight.fun:fun-kubeless (>=0.0.2-alpha-1 <=0.0.3-alpha-1), cn.dustlight.jobless:jobless-kubernetes (>=0.0.1-alpha <=0.0.2-alpha) +76 more potentially affected by CVE-2021-25738 via io.kubernetes:client-java (>=0.2 <=11.0.0)
io.kubernetes:client-java MAVEN version =0.2, =0.0.2-alpha-1, =0.0.1-alpha, =1.0.0, =4.0.5, =0.0.3, =2.3.0, =0.2.1, =0.2.1, =0.2.1, =0.2.1, =0.2.1, =0.2.1, =0.2.3, =0.2.3, =0.2.5 and more Source cves: CVE-2021-25738 Source advisory: OSV:GHSA-M8WH-MQGF-RR8G...
CVE-2021-25738
| creationtimestamp | type | source |
|---|---|---|
| 2021-10-11 22:24:44+00:00 | seen | https://t.me/cibsecurity/30361... |
CVE-2021-25738
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution...
CVE-2021-25738
CVE-2021-25738: The vulnerability arises from loading specially crafted YAML via the Kubernetes Java Client library, enabling code execution. Connected documents consistently describe this YAML-loading path as the root cause and code execution outcome. The public data does not provide precise aff...
CVE-2021-25738 Code exec via yaml parsing
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution...