1panel-dev Kubepi
3 CVEs affecting 1panel-dev Kubepi. Latest disclosed: 2024-07-25. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-37917 | Critical | 9.1 | 2023-07-21 | KubePi is an opensource kubernetes management panel. A normal user has permission to create/update users, they can become admin by editing the `isadmin` value… |
CVE-2023-37916 | Medium | 6.5 | 2023-07-21 | KubePi is an opensource kubernetes management panel. The endpoint /kubepi/api/v1/users/search?pageNum=1&&pageSize=10 leak password hash of any user (including… |
CVE-2024-36111 | Medium | 6.3 | 2024-07-25 | KubePi is a K8s panel. Starting in version 1.6.3 and prior to version 1.8.0, there is a defect in the KubePi JWT token verification. The JWT key in the default… |