CVE-2021-4178

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-4178
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4178.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-4178
Aliases
Downstream
Related
Published
2022-08-24T16:15:09.770Z
Modified
2026-02-03T07:30:30.912378Z
Severity
  • 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.

References

Affected packages

Git / github.com/fabric8io/kubernetes-client

Affected ranges

Type
GIT
Repo
https://github.com/fabric8io/kubernetes-client
Events
Introduced
f000ac9194723781fe8c9c24fcf5bf58498bb260
Fixed
0fa9285f03abe2c8d27a551dc0a0192f7a68b61e
Introduced
65d13c08b527495d658c94017c88de248110cb82
Fixed
11a73980ed4a49e5bbe3e729414760fb5c8bcadc
Introduced
5f5c8d3f76375ffc0bccfc3c4f417beaac031024
Fixed
23db4301478e74dac7154af70907bf98f2936ff5
Introduced
109675fc7f4d1fa84ea445ad369eb1261b76a0cf
Fixed
5e096210f7236a1c7d4954c35b8d410eb98730aa
Introduced
faf7555f4f15681452ac3b42cce557e2e73ba7fa
Fixed
930aa487f848cdb7ba9c3cf9fe4904c1a843179f
Introduced
1a59e3bd1f5e63bf984f4f5bbdcbe376cf1704f1
Fixed
bdcb8f7bfd905523b8b58fd4e3330a02dd82cbfb

Affected versions

v4.*
v4.13.2
v5.*
v5.0.1
v5.0.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4178.json"