Lucene search
Veracode Vulnerability DatabaseVERACODE:36381HistoryJul 18, 2022 - 7:12 a.m.
Arbitrary Code Execution
2022-07-1807:12:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.0005 Low
EPSS
Percentile
17.0%
io.fabric8:kubernetes-client is vulnerable to arbitrary code execution. Misconfigured YAML parsing in unmarshalYaml function allows local authenticated attackers to execute arbitrary code on the target machine via a maliciously crafted YAML string.
References
access.redhat.com/security/cve/CVE-2021-4178
bugzilla.redhat.com/show_bug.cgi?id=2034388
github.com/advisories/GHSA-98g7-rxmf-rrxm
github.com/fabric8io/kubernetes-client/commit/445103004d1ed3153d5abb272473451d05891e39
github.com/fabric8io/kubernetes-client/issues/3653
github.com/fabric8io/kubernetes-client/pull/2646
Related
osv
osv
fabric8 kubernetes-client vulnerable
2022-07-15 05:17:35
CVE-2021-4178
2022-08-24 16:15:09
cvelist
cvelist
CVE-2021-4178
2022-08-24 15:02:11
github
github
fabric8 kubernetes-client vulnerable
2022-07-15 05:17:35
prion
prion
Code injection
2022-08-24 16:15:00
nvd
nvd
CVE-2021-4178
2022-08-24 16:15:09
redhatcve
redhatcve
CVE-2021-4178
2022-01-06 17:52:03
nessus
nessus
cve
cve
CVE-2021-4178
2022-08-24 16:15:09
ibm
ibm
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00