53 matches found

vulnersOsv
added 2026/06/01 10:29 a.m. | 7 views

org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.5), org.apache.activemq:activemq-web-console (>=6.0.0 <=6.2.5) +2 more potentially affected by CVE-2026-42253 via org.apache.activemq:activemq-web (>=6.0.0 <=6.2.5)

org.apache.activemq:activemq-web MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.5 Source cves: CVE-2026-42253 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151924...

CVSS 6.1 | AI score 5.7 | EPSS 0.01107
Exploits: 0

Tenable Nessus
added 2026/05/06 12:0 a.m. | 9 views

RHCOS 4 : OpenShift Container Platform 4.7.5 (RHSA-2021:1006)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1006 advisory. - golang: crypto/elliptic: incorrect operations on the P-224 curve CVE-2021-3114 - gogo/protobuf: plugin/unmarshal/unmarshal.go lack...

CVSS 8.6 | AI score 5.8 | EPSS 0.03478
Exploits: 0 | References: 8

vulnersOsv
added 2026/03/04 9:31 a.m. | 8 views

io.quarkiverse.artemis:quarkus-test-artemis (>=3.12.0 <=3.12.1.CR1), org.apache.artemis:apache-artemis (>=2.50.0 <=2.51.0) +26 more potentially affected by CVE-2026-27446 via org.apache.artemis:artemis-server (>=2.50.0 <=2.51.0)

org.apache.artemis:artemis-server MAVEN version =2.50.0, =3.12.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.51.0 and more Source cves: CVE-2026-27446 Source advisory: OSV:GHSA-FW88-PF9M-P947...

CVSS 9.8 | AI score 7.7 | EPSS 0.10629
Exploits: 1

EUVD
added 2025/10/03 8:7 p.m. | 9 views

EUVD-2022-4447

Malicious code in bioql PyPI...

CVSS 7.4 | AI score 6.2 | EPSS 0.01312
Exploits: 0 | References: 11

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-5525

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.6 | EPSS 0.00556
Exploits: 0 | References: 3

vulnersOsv
added 2022/12/30 10:13 p.m. | 10 views

io.fabric8.apps:apiman (>=2.2.9.1 <=2.2.19), io.fabric8.apps:distro (>=2.2.7 <=2.2.19) +6 more potentially affected by CVE-2022-36437 via io.apiman:apiman-gateway-platforms-vertx (=1.1.3.CR1)

io.apiman:apiman-gateway-platforms-vertx MAVEN version =1.1.3.CR1 is affected by a known vulnerability. The following packages have a transitive dependency on io.apiman:apiman-gateway-platforms-vertx and may be impacted: - io.fabric8.apps:apiman =2.2.9.1, =2.2.7, =2.2.9.1, =2.2.7, =2.2.7, =2.1.2,...

CVSS 9.1 | AI score 7.2 | EPSS 0.01021
Exploits: 0

vulnersOsv
added 2022/12/21 6:30 p.m. | 6 views

io.fabric8:fabric8-maven-plugin (=1.2.0.redhat-133), it.uniroma2.art.maple:maple-karaf-distribution (>=0.0.3 <=0.0.5) +2 more potentially affected by CVE-2022-40145 via org.apache.karaf:apache-karaf (>=4.4.1 <=4.4.11)

org.apache.karaf:apache-karaf MAVEN version =4.4.1, =0.0.3, =0.0.5 - org.apache.camel.karaf:camel-test-karaf =3.19.0 - org.apache.karaf.demos:web =4.1.7 Source cves: CVE-2022-40145 Source advisory: OSV:GHSA-C2P4-8MVV-RWMV...

CVSS 9.8 | AI score 7.2 | EPSS 0.02404
Exploits: 0

RedHat Linux
added 2022/12/14 1:17 p.m. | 2 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

CVSS 6.7 | AI score 7.6 | EPSS 0.00309
Exploits: 0 | References: 4

Veracode
added 2022/07/18 7:12 a.m. | 34 views

Arbitrary Code Execution

io.fabric8:kubernetes-client is vulnerable to arbitrary code execution. Misconfigured YAML parsing in unmarshalYaml function allows local authenticated attackers to execute arbitrary code on the target machine via a maliciously crafted YAML string...

CVSS 6.7 | AI score 6.5 | EPSS 0.00309
Exploits: 0 | References: 6 | Affected Software: 2

vulnersOsv
added 2022/07/15 5:17 a.m. | 4 views

com.apothesource.fam.kubeint.itest:com.apothesource.fam.kubeint.itest.gradle.plugin (>=0.0.1 <=0.4.3), com.apothesource.fam:kubeint-gradle-plugin (>=0.0.1 <=0.4.3) +153 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.2.0 <=5.3.1)

io.fabric8:kubernetes-client MAVEN version =5.2.0, =0.0.1, =0.0.1, =0.3.0, =0.4.0, =5.2.0, =5.3.0, =5.3.0, =5.3.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.3.1 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

CVSS 6.7 | AI score 6.8 | EPSS 0.00309
Exploits: 0

vulnersOsv
added 2022/07/15 5:17 a.m. | 3 views

com.baidu.hugegraph:computer-k8s (>=0.1.0 <=0.1.3), com.baidu.hugegraph:computer-test (>=0.1.0 <=0.1.3) +152 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.5.0 <=5.7.3)

io.fabric8:kubernetes-client MAVEN version =5.5.0, =0.1.0, =0.1.0, =0.0.13, =2.12.0, =1.96.0, =0.6.0, =0.6.0, =2.5.0, =2.5.0, =2.5.0, =2.6.0 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

CVSS 6.7 | AI score 6.8 | EPSS 0.00309
Exploits: 0

vulnersOsv
added 2022/07/15 5:17 a.m. | 5 views

cz.xtf:builder (=0.25), cz.xtf:core (=0.25) +51 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.11.0 <=5.11.1)

io.fabric8:kubernetes-client MAVEN version =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.0, =5.11.1 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

CVSS 6.7 | AI score 6.8 | EPSS 0.00309
Exploits: 0

vulnersOsv
added 2022/07/15 5:17 a.m. | 4 views

com.dajudge.kindcontainer:kindcontainer (=0.0.15), io.automatiko.quarkus:automatiko-operator (=0.10.0) +93 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (=5.8.0)

io.fabric8:kubernetes-client MAVEN version =5.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.fabric8:kubernetes-client and may be impacted: - com.dajudge.kindcontainer:kindcontainer =0.0.15 - io.automatiko.quarkus:automatiko-operator =0.10.0 -...

CVSS 6.7 | AI score 6.8 | EPSS 0.00309
Exploits: 0

OSV
added 2022/07/15 5:17 a.m. | 3 views

GHSA-98G7-RXMF-RRXM fabric8 kubernetes-client vulnerable

fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing...

CVSS 6.7 | AI score 7.6 | EPSS 0.00309
Exploits: 0 | References: 7

Github Security Blog
added 2022/07/15 5:17 a.m. | 50 views

fabric8 kubernetes-client vulnerable

fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing...

CVSS 6.7 | AI score 4.5 | EPSS 0.00309
Exploits: 0 | References: 7 | Affected Software: 1

IBM Security Bulletins
added 2022/07/05 11:14 a.m. | 42 views

Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

Summary There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. Vulnerability Details CVEID: CVE-2021-4178 DESCRIPTION: Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

CVSS 6.7 | AI score 2 | EPSS 0.00309
Exploits: 0 | Affected Software: 1

OSV
added 2022/05/24 5:44 p.m. | 6 views

GHSA-JWH2-FFG4-48XC Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

CVSS 7.4 | AI score 6.5 | EPSS 0.01312
Exploits: 0 | References: 3

Github Security Blog
added 2022/05/24 5:44 p.m. | 40 views

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

CVSS 7.4 | AI score 3.8 | EPSS 0.01312
Exploits: 0 | References: 4 | Affected Software: 1

vulnersOsv
added 2022/05/24 5:44 p.m. | 6 views

ai.h2o:sparkling-water-core_2.11 (>=3.32.0.1-2-2.1 <=3.36.0.2-1-2.4), ai.h2o:sparkling-water-doc_2.11 (>=3.34.0.3-1-2.2 <=3.36.0.2-1-2.4) +251 more potentially affected by CVE-2021-20218 via io.fabric8:kubernetes-client (>=4.2.0 <=4.7.1)

io.fabric8:kubernetes-client MAVEN version =4.2.0, =3.32.0.1-2-2.1, =3.34.0.3-1-2.2, =3.34.0.3-1-2.2, =3.34.0.3-1-2.2, =0.0.1, =1.9.51, =1.1.1, =7.4.1, =7.4.1play2.6, =23.1.0play2.7, =0.0.1, =0.0.1, =0.3.6, =0.2.0, =0.2.0, =0.3.9 and more Source cves: CVE-2021-20218 Source advisory: OSV:GHSA-JWH...

CVSS 7.4 | AI score 6.6 | EPSS 0.01312
Exploits: 0

vulnersOsv
added 2022/05/24 5:44 p.m. | 5 views

com.lightbend.akka:kube-actions_2.12 (>=0.0.0-1-5c26b172 <=0.1.1), com.lightbend.akka:kube-actions_2.13 (>=0.0.0-1-5c26b172 <=0.1.1) +141 more potentially affected by CVE-2021-20218 via io.fabric8:kubernetes-client (>=5.0.0 <=5.0.1)

io.fabric8:kubernetes-client MAVEN version =5.0.0, =0.0.0-1-5c26b172, =0.0.0-1-5c26b172, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504...

CVSS 7.4 | AI score 6.7 | EPSS 0.01312
Exploits: 0