11 matches found
EUVD-2024-1030
Malicious code in bioql PyPI...
CVE-2023-51699
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
GO-2024-2644 Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime in github.com/fluid-cloudnative/fluid
Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime in github.com/fluid-cloudnative/fluid...
OS Command Injection
github.com/fluid-cloudnative/fluid is vulnerable to OS Command Injection. The vulnerability is due to insufficient input validation within the JuicefsRuntime, allowing an authenticated user with the authority to create or update the K8s CRD Dataset/JuicefsRuntime to execute arbitrary OS commands...
CVE-2023-51699
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
CVE-2023-51699
Summary: CVE-2023-51699 affects Fluid’s JuicefsRuntime within the Fluid project, enabling OS command injection by an authenticated user with authority to create/update the K8s CRD datasets/ JuicefsRuntime. What is affected: Fluid (open source Kubernetes-native Distributed Dataset Orchestrator) an...
CVE-2023-51699 OS Command Injection for Fluid Users with JuicefsRuntime
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
CVE-2023-51699 OS Command Injection for Fluid Users with JuicefsRuntime
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
CVE-2023-51699 OS Command Injection for Fluid Users with JuicefsRuntime
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
GHSA-WX8Q-4GM9-RJ2G Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime
Impact OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8s CRD Dataset/JuicefsRuntime, to execute arbitrary OS commands within the juicefs related containers. This could lead to...
Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime
Impact OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8s CRD Dataset/JuicefsRuntime, to execute arbitrary OS commands within the juicefs related containers. This could lead to...