2 matches found
MCP Server Kubernetes has an Argument Injection in port_forward tool via space-splitting
Summary The portforward tool in mcp-server-kubernetes constructs a kubectl command as a string and splits it on spaces before passing to spawn. Unlike all other tools in the codebase which correctly use execFileSync"kubectl", argsArray, portforward uses string concatenation with user-controlled...
Virtuozzo Hybrid Infrastructure 4.6 Update 2
This update provides bug fixes and improvements. Vulnerability id: VSTOR-45618 Incorrect storage usage values are reported. Vulnerability id: VSTOR-45724 Some users cannot access S3 via the user panel. Vulnerability id: VSTOR-44252 Detection of slow disks works inside virtual environments...