Every CVE whose affected-product data names Layer5 Meshery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-31856 — CVSS 9.8 (critical): A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the…
CVE-2023-46575 — CVSS 9.8 (critical): A SQL injection vulnerability exists in Meshery prior to version v0.6.179, enabling a remote attacker to retrieve sensitive information and…
CVE-2024-36535 — CVSS 9.8 (critical): Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service…
CVE-2024-29031 — CVSS 7.5 (high): Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications…
CVE-2024-35181 — CVSS 5.9 (medium): Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications…
CVE-2024-35182 — CVSS 5.9 (medium): Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications…