mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
77 lines
2.4 KiB
JSON
77 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2024-32359",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "http://carina.com",
|
|
"refsource": "MISC",
|
|
"name": "http://carina.com"
|
|
},
|
|
{
|
|
"url": "https://github.com/HouqiyuA/k8s-rbac-poc",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/HouqiyuA/k8s-rbac-poc"
|
|
},
|
|
{
|
|
"url": "https://github.com/carina-io/carina",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/carina-io/carina"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906",
|
|
"url": "https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906"
|
|
}
|
|
]
|
|
}
|
|
} |