CVE-2024-36535
- EPSS 0.26%
- Veröffentlicht 24.07.2024 20:15:04
- Zuletzt bearbeitet 03.09.2025 19:51:27
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
CVE-2024-35181
- EPSS 0.15%
- Veröffentlicht 27.05.2024 19:15:08
- Zuletzt bearbeitet 02.09.2025 20:46:23
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a S...
CVE-2024-35182
- EPSS 0.11%
- Veröffentlicht 27.05.2024 19:15:08
- Zuletzt bearbeitet 02.09.2025 20:41:40
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a S...
CVE-2024-29031
- EPSS 1.19%
- Veröffentlicht 21.03.2024 23:15:11
- Zuletzt bearbeitet 02.09.2025 19:25:57
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive ...
CVE-2023-46575
- EPSS 0.69%
- Veröffentlicht 24.11.2023 14:15:08
- Zuletzt bearbeitet 21.11.2024 08:28:47
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter
CVE-2021-31856
- EPSS 78.97%
- Veröffentlicht 28.04.2021 06:15:07
- Zuletzt bearbeitet 21.11.2024 06:06:21
A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go).