📦 Meshery

Name: Meshery
Author: Layer5

by Layer5

🔍 What is Meshery?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-36535

CRITICAL CVSS 9.8 Jul 24, 2024

Meshery v0.7.51 has insecure permissions that allow attackers to access the service account's token. This enables privilege escalation and access to sensitive data. Organizations running vulnerable Me...

CVE-2023-46575

CRITICAL CVSS 9.8 Nov 24, 2023

A SQL injection vulnerability in Meshery allows remote attackers to execute arbitrary SQL commands through the 'order' parameter, potentially leading to data theft and remote code execution. This affe...

CVE-2024-29031

HIGH CVSS 7.5 Mar 21, 2024

This SQL injection vulnerability in Meshery allows remote attackers to extract sensitive information from the database by manipulating the 'order' parameter in the GetMeshSyncResources function. Organ...

CVE-2024-35181

MEDIUM CVSS 5.9 May 27, 2024

A SQL injection vulnerability in Meshery versions prior to 0.7.22 allows attackers to execute arbitrary SQL commands via the 'order' query parameter in the GetMeshSyncResourcesKinds API endpoint. This...