Lucene search
K

8 matches found

Veracode
Veracode
added 2025/11/03 8:10 a.m.7 views

OS Command Injection

github.com/chaos-mesh/chaos-mesh is vulnerable to OS command injection. The vulnerability is due to improper input validation in the cleanIptables mutation, which allows an unauthenticated in-cluster attacker to execute arbitrary commands and achieve remote code execution across the cluster...

9.8CVSS9.1AI score0.03269EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/09/19 11:22 p.m.3 views

SUSE CVE-2025-59360

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.02814EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/17 12:49 p.m.4 views

CVE-2025-59360

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.4AI score0.02814EPSS
Exploits2References1
Github Security Blog
Github Security Blog
added 2025/09/15 12:31 p.m.8 views

Chaos Controller Manager is vulnerable to OS command injection

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS8.5AI score0.02814EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/09/15 12:15 p.m.5 views

CVE-2025-59359

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS0.02926EPSS
Exploits1References2
NVD
NVD
added 2025/09/15 12:15 p.m.6 views

CVE-2025-59360

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS0.02814EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/15 11:41 a.m.7 views

CVE-2025-59361 OS command injection in Chaos Mesh via the cleanIptables mutation

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS0.03269EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/15 11:41 a.m.1 views

CVE-2025-59361 OS command injection in Chaos Mesh via the cleanIptables mutation

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

9.8CVSS7.7AI score0.03269EPSS
Exploits1References2
Rows per page
Query Builder