3 matches found
CVE-2024-29031
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the order parameter of...
CVE-2024-29031
CVE-2024-29031 documents a SQL injection in Meshery (github.com/layer5io/meshery) affecting GetMeshSyncResources via the order parameter, prior to version 0.7.17. The root cause is improper input handling that could disclose sensitive information. The issue is mitigated by upgrading to version 0....
CVE-2024-29031 Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the order parameter of...