Vulnerabilities > Mirantis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2022-0484 | Improper Input Validation vulnerability in Mirantis Container Cloud Lens Extension Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. | 8.8 |
| 2022-01-25 | CVE-2022-0270 | Unspecified vulnerability in Mirantis Bored-Agent Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups. | 8.8 |
| 2022-01-10 | CVE-2021-23154 | OS Command Injection vulnerability in Mirantis Lens In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. | 7.8 |
| 2022-01-10 | CVE-2021-23218 | Memory Leak vulnerability in Mirantis Container Runtime 20.10.8 When running with FIPS mode enabled, Mirantis Container Runtime 20.10.8 leaks memory during TLS Handshakes which could be abused to cause a denial of service. | 7.5 |
| 2022-01-10 | CVE-2021-44458 | Origin Validation Error vulnerability in Mirantis Lens Linux users running Lens 5.2.6 and earlier could be compromised by visiting a malicious website. | 9.6 |