CVE-2021-4178
published 2022-08-24CVE-2021-4178: A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | a-mq_streams | — | — |
| redhat | build_of_quarkus | — | — |
| redhat | descision_manager | — | — |
| redhat | fabric8-kubernetes | — | — |
| redhat | fabric8-kubernetes | — | — |
| redhat | fabric8-kubernetes | >= 5.0.1 < 5.0.3 | 5.0.3 |
| redhat | fabric8-kubernetes | >= 5.1.0 < 5.1.2 | 5.1.2 |
| redhat | fabric8-kubernetes | >= 5.11.0 < 5.11.2 | 5.11.2 |
| redhat | fabric8-kubernetes | >= 5.2.0 < 5.3.2 | 5.3.2 |
| redhat | fabric8-kubernetes | >= 5.5.0 < 5.7.4 | 5.7.4 |
| redhat | fabric8-kubernetes | >= 5.9.0 < 5.10.2 | 5.10.2 |
| redhat | fuse | — | — |
| redhat | integration_camel_quarkus | — | — |
| redhat | process_automation | — | — |