VYPR

Meshery

by Meshery

Source repositories

CVEs (5)

  • CVE-2024-36535CriJul 24, 2024
    risk 0.64cvss 9.8epss 0.00

    Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.

  • CVE-2023-46575CriNov 24, 2023
    risk 0.57cvss 9.8epss 0.01

    A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter

  • CVE-2024-29031HigMar 21, 2024
    risk 0.42cvss 7.5epss 0.01

    Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the `order`…

  • CVE-2024-35182MedMay 27, 2024
    risk 0.31cvss 5.9epss 0.02

    Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries…

  • CVE-2024-35181MedMay 27, 2024
    risk 0.31cvss 5.9epss 0.02

    Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries…