Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.fabric8/kubernetes-client@5.0.2
purl pkg:maven/io.fabric8/kubernetes-client@5.0.2
Next non-vulnerable version 5.0.3
Latest non-vulnerable version 5.11.2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-wj5y-g7z1-9qam
Aliases:
CVE-2021-4178
GHSA-98g7-rxmf-rrxm
GMS-2022-2960
fabric8 kubernetes-client vulnerable fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing.
5.0.3
Affected by 0 other vulnerabilities.
5.1.2
Affected by 0 other vulnerabilities.
5.3.2
Affected by 0 other vulnerabilities.
5.7.4
Affected by 0 other vulnerabilities.
5.8.1
Affected by 0 other vulnerabilities.
5.10.2
Affected by 1 other vulnerability.
5.11.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-y4mj-2jec-j3gg Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 CVE-2021-20218
GHSA-jwh2-ffg4-48xc

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:05:34.881660+00:00 GitLab Importer Affected by VCID-wj5y-g7z1-9qam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/GMS-2022-2960.yml 38.4.0
2026-04-16T21:18:57.059483+00:00 GitLab Importer Fixing VCID-y4mj-2jec-j3gg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/CVE-2021-20218.yml 38.4.0
2026-04-11T23:21:33.862988+00:00 GitLab Importer Affected by VCID-wj5y-g7z1-9qam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/GMS-2022-2960.yml 38.3.0
2026-04-11T22:31:13.933101+00:00 GitLab Importer Fixing VCID-y4mj-2jec-j3gg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/CVE-2021-20218.yml 38.3.0
2026-04-05T02:18:33.140164+00:00 GitLab Importer Affected by VCID-wj5y-g7z1-9qam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/GMS-2022-2960.yml 38.1.0
2026-04-02T22:42:36.827579+00:00 GitLab Importer Fixing VCID-y4mj-2jec-j3gg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/CVE-2021-20218.yml 38.1.0
2026-04-01T17:00:18.124214+00:00 GitLab Importer Fixing VCID-y4mj-2jec-j3gg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.fabric8/kubernetes-client/CVE-2021-20218.yml 38.0.0
2026-04-01T16:02:05.421382+00:00 GHSA Importer Fixing VCID-y4mj-2jec-j3gg https://github.com/advisories/GHSA-jwh2-ffg4-48xc 38.0.0
2026-04-01T13:07:47.504761+00:00 GithubOSV Importer Fixing VCID-y4mj-2jec-j3gg https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jwh2-ffg4-48xc/GHSA-jwh2-ffg4-48xc.json 38.0.0