23 matches found
EUVD-2022-1339
Malicious code in bioql PyPI...
Critical Photon OS Security Update - PHSA-2025-4.0-0804
Updates of 'rubygem-kubeclient', 'rubygem-jmespath', 'dotnet-sdk', 'dotnet-runtime' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2022-0759
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files...
kubeclient: kubeconfig parsing error can lead to MITM attacks
A flaw was found in kubeclient, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns VERIFYNONE. Ruby applications that leverage...
Important: Red Hat Security Advisory: Logging Subsystem 5.4 - Red Hat OpenShift Security and Bug update
Logging Subsystem 5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...
Man-in-the-Middle (MitM)
kubeclient is vulnerable to man-in-the-middle attacks. The attacker is able to steal user credentials to the cluster via a crafted certificate because the context function in Config returns hard-coded VERIFYNONE when the custom CA is not defined...
GHSA-69P3-XP37-F692 Improper Certificate Validation in kubeclient
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
Improper Certificate Validation in kubeclient
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
Improper Certificate Validation in kubeclient
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
DEBIAN-CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
UBUNTU-CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
Design/Logic Flaw
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
CVE-2022-0759
CVE-2022-0759 – kubeclient MITM vulnerability (Ruby Kubernetes client) Affected: kubeclient (Ruby) up to version
CVE-2022-0759
A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns...
ManageIQ MiqExpression 信任管理问题漏洞
ManageIQ MiqExpression is a functional module. A security vulnerability exists in ManageIQ MiqExpression that stems from a problem with parsing files in the Ruby client of the application. kubeclient of the Kubernetes REST API ends up accepting any certificate when the kubeconfig file is not...
CVE-2022-0759
A flaw was found in kubeclient, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate it wrongly returns VERIFYNONE. Ruby applications that leverage...