Skip to main content

Kubevela

2 CVEs product

Monthly

CVE-2022-39383 Go MEDIUM PATCH This Month

KubeVela is an open source application delivery platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Kubevela
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-36089 CRITICAL PATCH Act Now

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Kubevela
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

KubeVela is an open source application delivery platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Kubevela
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Kubevela
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy