VYPR
Moderate severityNVD Advisory· Published Aug 24, 2022· Updated Aug 3, 2024

CVE-2021-4178

CVE-2021-4178

Description

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.fabric8:kubernetes-clientMaven
>= 5.0.0-beta-1, < 5.0.35.0.3
io.fabric8:kubernetes-clientMaven
>= 5.1.0, < 5.1.25.1.2
io.fabric8:kubernetes-clientMaven
>= 5.2.0, < 5.3.25.3.2
io.fabric8:kubernetes-clientMaven
>= 5.5.0, < 5.7.45.7.4
io.fabric8:kubernetes-clientMaven
>= 5.8.0, < 5.8.15.8.1
io.fabric8:kubernetes-clientMaven
>= 5.9.0, < 5.10.25.10.2
io.fabric8:kubernetes-clientMaven
>= 5.11.0, < 5.11.25.11.2

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.