Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-4447

Malicious code in bioql PyPI...

7.4CVSS6.2AI score0.01312EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2022/07/15 5:17 a.m.3 views

com.baidu.hugegraph:computer-k8s (>=0.1.0 <=0.1.3), com.baidu.hugegraph:computer-test (>=0.1.0 <=0.1.3) +152 more potentially affected by CVE-2021-4178 via io.fabric8:kubernetes-client (>=5.5.0 <=5.7.3)

io.fabric8:kubernetes-client MAVEN version =5.5.0, =0.1.0, =0.1.0, =0.0.13, =2.12.0, =1.96.0, =0.6.0, =0.6.0, =2.5.0, =2.5.0, =2.5.0, =2.6.0 and more Source cves: CVE-2021-4178 Source advisory: OSV:GHSA-98G7-RXMF-RRXM...

6.7CVSS6.8AI score0.00309EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/05 11:14 a.m.42 views

Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

Summary There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. Vulnerability Details CVEID: CVE-2021-4178 DESCRIPTION: Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

6.7CVSS2AI score0.00309EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/24 5:44 p.m.5 views

com.lightbend.akka:kube-actions_2.12 (>=0.0.0-1-5c26b172 <=0.1.1), com.lightbend.akka:kube-actions_2.13 (>=0.0.0-1-5c26b172 <=0.1.1) +141 more potentially affected by CVE-2021-20218 via io.fabric8:kubernetes-client (>=5.0.0 <=5.0.1)

io.fabric8:kubernetes-client MAVEN version =5.0.0, =0.0.0-1-5c26b172, =0.0.0-1-5c26b172, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504, =0.0.1-back-to-core-20210504...

7.4CVSS6.7AI score0.01312EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/24 5:44 p.m.40 views

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS3.8AI score0.01312EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/24 5:44 p.m.25 views

GHSA-JWH2-FFG4-48XC Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS6.5AI score0.01312EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/02/21 6:22 p.m.4 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 1:56 p.m.2 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/08 12:52 p.m.3 views

kubernetes-client: Insecure deserialization in unmarshalYaml method

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...

6.7CVSS7.6AI score0.00309EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.5 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:54 a.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.1 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/04/05 1:18 p.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/04/05 12:0 a.m.49 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.5 (RHSA-2021:1006)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1006 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8.6CVSS7.1AI score0.03478EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/03/29 11:12 a.m.4 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/25 9:43 a.m.3 views

fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS5.7AI score0.01312EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/25 9:43 a.m.92 views

Low: Red Hat Security Advisory: AMQ Online 1.7.0 release and security update

An update of the Red Hat OpenShift Container Platform 3.11 and 4.6/4.7 container images is now available for Red Hat AMQ Online. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.4CVSS6.6AI score0.18891EPSS
Exploits1References4
OSV
OSV
added 2021/03/16 9:15 p.m.42 views

CVE-2021-20218

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2021/03/16 9:15 p.m.40 views

CVE-2021-20218

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

7.4CVSS0.01312EPSS
Exploits0References2
Prion
Prion
added 2021/03/16 9:15 p.m.24 views

Design/Logic Flaw

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

5.8CVSS7.3AI score0.01312EPSS
Exploits0References2Affected Software6
Rows per page
Query Builder