Description
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
Remediation
References
http://www.openwall.com/lists/oss-security/2022/08/23/2
https://github.com/kubernetes-client/java/issues/1698
https://groups.google.com/g/kubernetes-security-announce/c/K_pOK2WbAJk
Related Vulnerabilities
CVE-2020-13934 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-46366 Vulnerability in maven package tapestry:tapestry
CVE-2023-22665 Vulnerability in maven package org.apache.jena:jena-arq
CVE-2021-37712 Vulnerability in npm package tar
CVE-2021-27905 Vulnerability in maven package org.apache.solr:solr-core