github.com/layer5io/meshery
Go4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting github.com/layer5io/mesherypage 1 of 1
- CVE-2023-46575CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.6.1792023-11-24
A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the “order” parameter
- CVE-2024-29031HIGHCVSS 7.5EG 7.5✓ Fixed in 0.7.172024-03-21
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain…
- CVE-2024-35181MEDIUMCVSS 5.9EG 5.92024-05-27
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write b…
- CVE-2024-35182MEDIUMCVSS 5.9EG 5.92024-05-27
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write b…
Check whether github.com/layer5io/meshery is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/layer5io/meshery CVEs against the assets you own.
Start Free Scan →