Description
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
Remediation
References
https://groups.google.com/g/kubernetes-security-announce/c/K_pOK2WbAJk
https://github.com/kubernetes-client/java/issues/1698
http://www.openwall.com/lists/oss-security/2022/08/23/2
Related Vulnerabilities
CVE-2021-23702 Vulnerability in npm package object-extend
CVE-2020-35201 Vulnerability in maven package org.igniterealtime.openfire.plugins:bookmarks
CVE-2023-34468 Vulnerability in maven package org.apache.nifi:nifi-dbcp-base
CVE-2023-39913 Vulnerability in maven package org.apache.uima:uimaj-cpe
CVE-2022-42009 Vulnerability in maven package org.apache.ambari:ambari