io.fabric8:kubernetes-client is vulnerable to arbitrary code execution. Misconfigured YAML parsing in unmarshalYaml
function allows local authenticated attackers to execute arbitrary code on the target machine via a maliciously crafted YAML string.
access.redhat.com/security/cve/CVE-2021-4178
bugzilla.redhat.com/show_bug.cgi?id=2034388
github.com/advisories/GHSA-98g7-rxmf-rrxm
github.com/fabric8io/kubernetes-client/commit/445103004d1ed3153d5abb272473451d05891e39
github.com/fabric8io/kubernetes-client/issues/3653
github.com/fabric8io/kubernetes-client/pull/2646