Lucene search
+L

24 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-4447

Malicious code in bioql PyPI...

7.4CVSS6.2AI score0.01312EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2022/07/15 5:17 a.m.3 views

com.baidu.hugegraph:computer-k8s (>=0.1.0 <=0.1.3), com.baidu.hugegraph:computer-test (>=0.1.0 <=0.1.3) +152 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.5.0 <=5.7.3)

io.fabric8:kubernetes-client MAVEN version =5.5.0, =0.1.0, =0.1.0, =0.0.13, =2.12.0, =1.96.0, =0.6.0, =0.6.0, =2.5.0, =2.5.0, =2.5.0, =2.6.0 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

6.7CVSS6.8AI score0.00309EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/05 11:14 a.m.42 views

Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

Summary There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. Vulnerability Details CVEID: CVE-2021-4178 DESCRIPTION: Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

6.7CVSS2AI score0.00309EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/24 5:44 p.m.5 views

com.lightbend.akka:kube-actions_2.12 (>=0.0.0-1-5c26b172 <=0.1.1), com.lightbend.akka:kube-actions_2.13 (>=0.0.0-1-5c26b172 <=0.1.1) +141 more potentially affected by CVE-2021-20218 via io.fabric8:kubernetes-client (>=5.0.0 <=5.0.1)

io.fabric8:kubernetes-client MAVEN version =5.0.0, =0.0.0-1-5c26b172, =0.0.0-1-5c26b172, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504...

7.4CVSS6.7AI score0.01312EPSS
Exploits0
OSV
OSV
added 2022/05/24 5:44 p.m.55 views

GHSA-JWH2-FFG4-48XC Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS6.5AI score0.01312EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 5:44 p.m.41 views

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS3.8AI score0.01312EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2022/02/21 6:22 p.m.5 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 1:56 p.m.3 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 12:52 p.m.4 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.5 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:54 a.m.4 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.1 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/04/05 1:18 p.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/04/05 12:0 a.m.49 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.5 (RHSA-2021:1006)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1006 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8.6CVSS7.1AI score0.03478EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/03/29 11:12 a.m.4 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/25 9:43 a.m.92 views

Low: Red Hat Security Advisory: AMQ Online 1.7.0 release and security update

An update of the Red Hat OpenShift Container Platform 3.11 and 4.6/4.7 container images is now available for Red Hat AMQ Online. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.4CVSS6.6AI score0.18891EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/03/25 9:43 a.m.4 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
NVD
NVD
added 2021/03/16 9:15 p.m.40 views

CVE-2021-20218

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS0.01312EPSS
Exploits0References2
OSV
OSV
added 2021/03/16 9:15 p.m.42 views

CVE-2021-20218

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS6.5AI score
Exploits0References2
Prion
Prion
added 2021/03/16 9:15 p.m.25 views

Design/Logic Flaw

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

5.8CVSS7.3AI score0.01312EPSS
Exploits0References2Affected Software6
Rows per page
Query Builder