Browse all 3 CVE security advisories affecting meshery. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Meshery is an open-source service mesh management platform that enables configuration, observation, and management of service meshes. Historically, it has been associated with vulnerabilities including remote code execution (RCE) and cross-site scripting (XSS), often stemming from improper input validation and insecure API endpoints. While no major security incidents have been widely documented, the three CVEs on record highlight potential risks in its web interface and components. The platform's architecture, involving multiple integrations, may introduce additional attack surfaces. Security teams should prioritize regular updates and input sanitization when deploying Meshery in production environments to mitigate identified and potential future vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-35182 | GHSL-2024-014 Meshery SQL Injection vulnerability — meshery (CWE-89) | 5.9 | Medium | 2024-05-27 |
| CVE-2024-35181 | GHSL-2024-013 Meshery SQL Injection vulnerability — meshery (CWE-89) | 5.9 | Medium | 2024-05-27 |
| CVE-2024-29031 | Meshery SQL Injection vulnerability — meshery (CWE-89) | 7.5 | High | 2024-03-21 |
This page lists every published CVE security advisory associated with meshery. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.