Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat kubernetes-client vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2021-20218
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability ...
Redhat Kubernetes-client
Redhat A-mq Online -
Redhat Build Of Quarkus -
Redhat Codeready Studio 12.0
Redhat Descision Manager 7.0
Redhat Integration Camel K -
Redhat Jboss Fuse 7.0.0
Redhat Openshift Container Platform 3.11
Redhat Process Automation 7.0
6.7
CVSSv3
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged malicious user to supply malicious YAML.
Redhat Fabric8-kubernetes
Redhat Fabric8-kubernetes 5.8.0
Redhat Fabric8-kubernetes 5.0.0
Redhat Process Automation 7.0
Redhat Openshift Application Runtimes -
Redhat Descision Manager 7.0
Redhat Integration Camel K -
Redhat A-mq Streams 2.0.1
Redhat Fuse 7.11
Redhat Integration Camel Quarkus 2.2.1
Redhat Build Of Quarkus 2.2.5
6.5
CVSSv3
CVE-2019-11250
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authe...
Kubernetes Kubernetes 1.16.0
Kubernetes Kubernetes
Kubernetes Kubernetes 1.15.4
Kubernetes Kubernetes 1.15.3
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started