Kubeoperator Kubepi
3 CVEs affecting Kubeoperator Kubepi. Latest disclosed: 2023-01-14. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-22463 | Critical | 9.8 | 2023-01-04 | KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all onl… |
CVE-2023-22479 | High | 7.5 | 2023-01-10 | KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible… |
CVE-2023-22478 | High | 7.3 | 2023-01-14 | KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1… |