CVE-2021-38182
Published
CVSS v3
8.8
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.
Kyma is an opinionated set of Kubernetes-based modular building blocks, including all necessary capabilities to develop and run enterprise-grade cloud-native applications.
GitHub