Go modules package
github.com/layer5io/meshery
pkg:golang/github.com/layer5io/meshery
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35182 | Med | 5.9 | < 0.7.22 | 0.7.22 | May 27, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p | |
| CVE-2024-35181 | Med | 5.9 | < 0.7.22 | 0.7.22 | May 27, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p | |
| CVE-2024-29031 | Hig | 7.5 | < 0.7.17 | 0.7.17 | Mar 21, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the `order` pa | |
| CVE-2023-46575 | Cri | 9.8 | < 0.6.179 | 0.6.179 | Nov 24, 2023 | A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter |
- affected < 0.7.22fixed 0.7.22
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p
- affected < 0.7.22fixed 0.7.22
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p
- affected < 0.7.17fixed 0.7.17
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the `order` pa
- affected < 0.6.179fixed 0.6.179
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter