RSS   Vulnerabilities for 'KYMA'   RSS

2021-12-14
 
CVE-2021-38182

CWE-20
 

 
Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.

 
2021-08-10
 
CVE-2021-33708

CWE-20
 

 
Due to insufficient input validation in Kyma, authenticated users can pass a Header of their choice and escalate privileges.

 


Copyright 2024, cxsecurity.com

 

Back to Top