Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-29031

Published: 21/03/2024 Updated: 22/03/2024

Vulnerability Summary

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote malicious user to obtain sensitive information via the `order` parameter of `GetMeshSyncResources`. Version 0.7.17 contains a patch for this issue.

References

https://securitylab.github.com/advisories/GHSL-2023-249_Meshery/https://github.com/meshery/meshery/pull/10207https://github.com/meshery/meshery/commit/8e995ce21af02d32ef61689c1e1748a745917f13https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook