Meshery
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36535 | Cri | 0.64 | 9.8 | 0.00 | Jul 24, 2024 | Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||
| CVE-2023-46575 | Cri | 0.57 | 9.8 | 0.01 | Nov 24, 2023 | A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter | ||
| CVE-2024-29031 | Hig | 0.42 | 7.5 | 0.01 | Mar 21, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the `order`… | ||
| CVE-2024-35182 | Med | 0.31 | 5.9 | 0.02 | May 27, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries… | ||
| CVE-2024-35181 | Med | 0.31 | 5.9 | 0.02 | May 27, 2024 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries… |
- risk 0.64cvss 9.8epss 0.00
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- risk 0.57cvss 9.8epss 0.01
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter
- risk 0.42cvss 7.5epss 0.01
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive information via the `order`…
- risk 0.31cvss 5.9epss 0.02
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries…
- risk 0.31cvss 5.9epss 0.02
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries…