Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-4447

Malicious code in bioql PyPI...

7.4CVSS6.2AI score0.01312EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2022/07/15 5:17 a.m.5 views

com.dajudge.kindcontainer:kindcontainer (=0.0.15), io.automatiko.quarkus:automatiko-operator (=0.10.0) +93 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (=5.8.0)

io.fabric8:kubernetes-client MAVEN version =5.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.fabric8:kubernetes-client and may be impacted: - com.dajudge.kindcontainer:kindcontainer =0.0.15 - io.automatiko.quarkus:automatiko-operator =0.10.0 -...

6.7CVSS6.8AI score0.00309EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/07/15 5:17 a.m.3 views

com.baidu.hugegraph:computer-k8s (>=0.1.0 <=0.1.3), com.baidu.hugegraph:computer-test (>=0.1.0 <=0.1.3) +152 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.5.0 <=5.7.3)

io.fabric8:kubernetes-client MAVEN version =5.5.0, =0.1.0, =0.1.0, =0.0.13, =2.12.0, =1.96.0, =0.6.0, =0.6.0, =2.5.0, =2.5.0, =2.5.0, =2.6.0 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

6.7CVSS6.8AI score0.00309EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/07/15 5:17 a.m.50 views

fabric8 kubernetes-client vulnerable

fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing...

6.7CVSS4.5AI score0.00309EPSS
Exploits0References7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/05 11:14 a.m.42 views

Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

Summary There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. Vulnerability Details CVEID: CVE-2021-4178 DESCRIPTION: Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

6.7CVSS2AI score0.00309EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/05/24 5:44 p.m.55 views

GHSA-JWH2-FFG4-48XC Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS6.5AI score0.01312EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/24 5:44 p.m.5 views

com.lightbend.akka:kube-actions_2.12 (>=0.0.0-1-5c26b172 <=0.1.1), com.lightbend.akka:kube-actions_2.13 (>=0.0.0-1-5c26b172 <=0.1.1) +141 more potentially affected by CVE-2021-20218 via io.fabric8:kubernetes-client (>=5.0.0 <=5.0.1)

io.fabric8:kubernetes-client MAVEN version =5.0.0, =0.0.0-1-5c26b172, =0.0.0-1-5c26b172, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504...

7.4CVSS6.7AI score0.01312EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/24 5:44 p.m.40 views

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS3.8AI score0.01312EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2022/02/21 6:22 p.m.5 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 1:56 p.m.3 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 12:52 p.m.4 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/01/26 3:52 p.m.5 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.5 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:54 a.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.1 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/04/05 1:18 p.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/04/05 12:0 a.m.49 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.5 (RHSA-2021:1006)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1006 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8.6CVSS7.1AI score0.03478EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/03/29 11:12 a.m.4 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/25 9:43 a.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
Rows per page
Query Builder