CVE-2022-39383 – SSRF vulnerability in KubeVela VelaUX APIServer
https://notcve.org/view.php?id=CVE-2022-39383
KubeVela is an open source application delivery platform. Users of the VelaUX APIServer could be affected by this vulnerability. When Helm Chart is used as the component delivery method, the chart repository address supplied in the request is not restricted, which results in a blind SSRF vulnerability. Users on v1.6 should update to v1.6.1; users on v1.5 should update to v1.5.8.
References: https://github.com/kubevela/kubevela/pull/5000 ; https://github.com/kubevela/kubevela/security/advisories/GHSA-m5xf-x7q6-3rm7
CWE-918: Server-Side Request Forgery (SSRF)
CVE-2022-36089 – VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay
https://notcve.org/view.php?id=CVE-2022-36089
KubeVela is an application delivery platform. Users of KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the `PlatformID` as the signing key for the JWT tokens it issues to users. Another API, `getSystemInfo`, exposes the `PlatformID`. This allows users to obtain the `PlatformID` and re-generate valid JWT tokens, bypassing authentication. Versions 1.4.11 and 1.5.4 contain a patch for this issue.
References: https://github.com/kubevela/kubevela/pull/4634 ; https://github.com/kubevela/kubevela/security/advisories/GHSA-cq42-w295-r29q
CWE-294: Authentication Bypass by Capture-replay