67 matches found
SUSE CVE-2023-46575
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter...
CVE-2021-31856
A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint order parameter in GetMesheryPatterns in models/mesherypatternpersister.go...
EUVD-2024-2591
Malicious code in bioql PyPI...
EUVD-2024-2546
Malicious code in bioql PyPI...
EUVD-2024-2508
Malicious code in bioql PyPI...
EUVD-2023-2939
Malicious code in bioql PyPI...
CVE-2024-35181
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
CVE-2024-36535
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...
CVE-2024-35182
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
CVE-2024-29031
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the order parameter of...
GO-2024-3045 Meshery SQL Injection vulnerability in github.com/layer5io/meshery
Meshery SQL Injection vulnerability in github.com/layer5io/meshery...
GO-2024-3051 Meshery SQL Injection vulnerability in github.com/layer5io/meshery
Meshery SQL Injection vulnerability in github.com/layer5io/meshery. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest a...
GO-2024-3050 Meshery SQL Injection vulnerability in github.com/layer5io/meshery
Meshery SQL Injection vulnerability in github.com/layer5io/meshery. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest a...
Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
GHSA-9F24-JRV4-F8G5 Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
GHSA-H7CM-JVPP-69XF Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the order parameter of...
GHSA-652R-Q29P-M25H Meshery SQL Injection vulnerability
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the order parameter of...
CVE-2024-36535
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...