Lucene search
+L

277 matches found

redhatcve
redhatcve
added 2025/09/17 12:49 a.m.15 views

CVE-2025-59377

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355...

9.8CVSS7.1AI score0.02191EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/17 12:49 a.m.15 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

5.3CVSS7.2AI score0.00281EPSS
Exploits0References1
osv
osv
added 2025/09/15 3:31 p.m.2 views

GHSA-4HQQ-7Q79-932P mcp-kubernetes-server has an OS Command Injection vulnerability

feiskyer/mcp-kubernetes-server through 0.1.11 allows OS command injection via the /mcp/kubectl endpoint. The handler constructs a shell command with user-supplied arguments and executes it with subprocess using shell=True, enabling injection through shell metacharacters e.g., ;, &&, $, even when...

9.8CVSS7.8AI score0.01224EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/09/15 12:0 a.m.3 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

3.7CVSS6.9AI score0.00281EPSS
Exploits0References2
osv
osv
added 2025/09/15 12:0 a.m.5 views

CVE-2025-59377

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355...

3.7CVSS7.1AI score0.01224EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/09/15 12:0 a.m.1 views

CVE-2025-59377

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355...

3.7CVSS6.7AI score0.01224EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/09/15 12:0 a.m.5 views

PT-2025-37489

Name of the Vulnerable Software and Affected Versions feiskyer mcp-kubernetes-server versions through 0.1.11 Description feiskyer mcp-kubernetes-server is susceptible to an OS command injection issue. This occurs through the /mcp/kubectl API endpoint, even when the system is in read-only mode, du...

9.8CVSS5.8AI score0.01224EPSS
Exploits0References11
cvelist
cvelist
added 2025/09/15 12:0 a.m.12 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

3.7CVSS0.00281EPSS
Exploits0References2
cvelist
cvelist
added 2025/09/15 12:0 a.m.29 views

CVE-2025-59377

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355...

3.7CVSS0.01224EPSS
Exploits0References2
cve
cve
added 2025/09/15 12:0 a.m.27 views

CVE-2025-59376

The CVE-2025-59376 entry concerns feiskyer’s mcp-kubernetes-server (through v0.1.11). The issue is improper handling of chained commands in the --disable-write/--disable-delete logic: commands like kubectl version; kubectl delete pod may bypass restrictions because only the first token is checked...

5.3CVSS6.9AI score0.00281EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-1002101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the...

6.4CVSS6.7AI score0.13164EPSS
Exploits2References2
nessus
nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-25743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the...

3CVSS6.1AI score0.00778EPSS
Exploits0References3
nessus
nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-11251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar...

5.7CVSS6.3AI score0.0262EPSS
Exploits0References2
fedora
fedora
added 2025/08/23 1:31 a.m.6 views

[SECURITY] Fedora 41 Update: kubernetes1.31-1.31.12-1.fc41

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

6.7CVSS7AI score0.00434EPSS
Exploits0
fedora
fedora
added 2025/08/23 1:31 a.m.7 views

[SECURITY] Fedora 41 Update: kubernetes1.33-1.33.4-1.fc41

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

6.7CVSS7AI score0.0065EPSS
Exploits0
fedora
fedora
added 2025/08/23 1:12 a.m.6 views

[SECURITY] Fedora 42 Update: kubernetes1.32-1.32.8-1.fc42

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

6.7CVSS7AI score0.00434EPSS
Exploits0
fedora
fedora
added 2025/08/23 1:12 a.m.6 views

[SECURITY] Fedora 42 Update: kubernetes1.33-1.33.4-1.fc42

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

6.7CVSS7AI score0.00434EPSS
Exploits0
ibm
ibm
added 2025/08/18 4:31 a.m.7 views

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0 Vulnerability Details CVEID:CVE-2015-5305 DESCRIPTION: Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted...

10CVSS10AI score0.27392EPSS
Exploits36Affected Software1
suse
suse
added 2025/08/13 12:11 a.m.3 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues: CVE-2021-25743: Escape terminal special characters in kubectl output bsc1194400. CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement bsc1212493. CVE-2024-0793: Advance autoscaling v2 as the preferred API version...

6.5CVSS5.5AI score0.02224EPSS
Exploits1References22
osv
osv
added 2025/08/13 12:10 a.m.3 views

SUSE-SU-2025:02423-2 Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues: - CVE-2021-25743: Escape terminal special characters in kubectl output bsc1194400. - CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement bsc1212493. - CVE-2024-0793: Advance autoscaling v2 as the preferred API version...

7.7CVSS7.2AI score0.02224EPSS
Exploits1References12
Rows per page
Query Builder