CVE-2023-22478

Missing Authorization in go/github.com/KubeOperator/KubePi

Identifiers

CVE-2023-22478, GHSA-gqx8-hxmv-c4v4, GMS-2023-5

Package Slug

go/github.com/KubeOperator/KubePi

Vulnerability

Missing Authorization

Description

KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds.

Affected Versions

All versions before 1.6.4

Solution

Upgrade to version 1.6.4 or above.

Last Modified

2023-01-26

source