My Work

CVEs

CVE-2021-25738 - Unsafe deserialization in Kubernetes Java client

• MITRE
• Blog post j0vsec.com
• Official announcement
• GitHub project

CVE-2021-43798 - Grafana path traversal

• MITRE
• Blog post j0vsec.com
• Article Grafana blog
• Article The Daily Swig
• Article Detectlify Labs

CVE-2021-4178 - Unsafe deserialization in Fabric8 Kubernetes client

• MITRE
• Bugzilla Red Hat
• Red Hat CVE page
• GitHub project

CVE-2022-4230 - Authenticated SQL injection in WP Statistics

• MITRE
• WPScan page

Acknowledgments

• Apple
• eBay
• New Relic
• Elastic
• PayPal
• Yahoo!
• Kubernetes
• Aiven Ltd
• U.S. Dept of Defense
• GitLab
• and more…