Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/kubeclient@0.2.0
Typegem
Namespace
Namekubeclient
Version0.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.9.3
Latest_non_vulnerable_version4.9.3
Affected_by_vulnerabilities
0
url VCID-puxh-g4cw-affj
vulnerability_id VCID-puxh-g4cw-affj
summary 
Improper Certificate Validation
A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0759.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0759.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0759
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.33311
published_at 2026-06-09T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.3329
published_at 2026-06-08T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33323
published_at 2026-06-07T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.3336
published_at 2026-06-06T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.33344
published_at 2026-06-05T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33243
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0759
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0759
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0759
3
reference_url https://github.com/ManageIQ/kubeclient
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/kubeclient
4
reference_url https://github.com/ManageIQ/kubeclient/commit/109ea71de5a8881748f03ebbe103b49f0f1c7887
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/kubeclient/commit/109ea71de5a8881748f03ebbe103b49f0f1c7887
5
reference_url https://github.com/ManageIQ/kubeclient/issues/554
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/kubeclient/issues/554
6
reference_url https://github.com/ManageIQ/kubeclient/issues/555
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/kubeclient/issues/555
7
reference_url https://github.com/ManageIQ/kubeclient/pull/556
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/kubeclient/pull/556
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/kubeclient/CVE-2022-0759.yml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/kubeclient/CVE-2022-0759.yml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014780
reference_id 1014780
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014780
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2058404
reference_id 2058404
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2058404
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0759
reference_id CVE-2022-0759
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0759
12
reference_url https://github.com/advisories/GHSA-69p3-xp37-f692
reference_id GHSA-69p3-xp37-f692
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-69p3-xp37-f692
13
reference_url https://access.redhat.com/errata/RHSA-2022:1461
reference_id RHSA-2022:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1461
14
reference_url https://access.redhat.com/errata/RHSA-2022:2217
reference_id RHSA-2022:2217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2217
15
reference_url https://access.redhat.com/errata/RHSA-2022:2218
reference_id RHSA-2022:2218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2218
16
reference_url https://access.redhat.com/errata/RHSA-2022:6051
reference_id RHSA-2022:6051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6051
17
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
fixed_packages
0
url pkg:gem/kubeclient@4.9.3
purl pkg:gem/kubeclient@4.9.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/kubeclient@4.9.3
aliases CVE-2022-0759, GHSA-69p3-xp37-f692
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-puxh-g4cw-affj
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/kubeclient@0.2.0