Filters
Versions
1.17.0
11
1.13.0
10
1.18.0
9
1.14.0
7
1.15.0
7
1.16.0
7
1.19.0
7
1.25.0
7
1.20.0
6
1.26.0
6
1.27.0
6
1.12.0
5
1.6.0
5
1.8.0
5
1.0.0
4
1.12.10
4
1.21.0
4
1.5.0
4
1.7.0
4
1.9.0
4
1.10.0
3
1.11.0
3
1.12.11-beta0
3
1.14.0-alpha0
3
1.14.0-alpha1
3
1.23.0
3
1.24.0
3
1.28.0
3
1.1.0
2
1.13.6
2
1.13.6-beta0
2
1.14.0-alpha2
2
1.14.0-alpha3
2
1.14.0-beta0
2
1.14.0-beta1
2
1.14.0-beta2
2
1.14.0-rc1
2
1.14.1
2
1.14.2
2
1.15.9
2
1.16.6
2
1.17.2
2
1.22.0
2
1.24.14
2
1.25.10
2
1.26.5
2
1.27.2
2
1.3.0
2
1.3.10
2
1.4.0
2
1.4.12
2
1.5.8
2
1.6.13
2
1.1-1.12
1
1.10.10
1
1.10.5
1
1.11.1
1
1.11.4
1
1.12.2
1
1.12.4
1
1.13.0-alpha0
1
1.13.0-alpha1
1
1.13.0-alpha2
1
1.13.0-alpha3
1
1.13.0-beta0
1
1.13.0-beta1
1
1.13.0-beta2
1
1.13.0-rc1
1
1.13.0-rc2
1
1.13.1
1
1.13.1-beta0
1
1.13.13
1
1.13.2
1
1.13.2-beta0
1
1.13.3
1
1.13.3-beta0
1
1.13.4
1
1.13.4-beta0
1
1.13.5
1
1.13.5-beta0
1
1.13.7
1
1.13.7-beta.0
1
1.13.8-beta.0
1
1.14.1-beta0
1
1.14.2-beta0
1
1.14.3
1
1.14.3-beta0
1
1.14.4-beta.0
1
1.15.0-alpha0
1
1.15.0-alpha1
1
1.15.0-alpha2
1
1.15.0-alpha3
1
1.15.0-beta0
1
1.15.0-beta1
1
1.15.0-beta2
1
1.15.0-rc1
1
1.15.3
1
1.15.4-beta0
1
1.16.0-alpha1
1
1.16.0-alpha2
1
1.16.0-alpha3
1
1.16.0-beta1
1
1.16.0-beta2
1
1.16.10
1
1.17.13
1
1.17.6
1
1.18.10
1
1.18.18
1
1.18.3
1
1.19.10
1
1.19.14
1
1.19.3
1
1.2.0
1
1.20.10
1
1.20.11
1
1.20.6
1
1.21.4
1
1.21.5
1
1.22.1
1
1.22.15
1
1.22.2
1
1.23.13
1
1.24.7
1
1.25.3
1
1.5.1
1
1.5.2
1
1.5.3
1
1.5.4
1
1.5.9
1
1.6.0-alpha.0
1
1.6.0-alpha.1
1
1.6.0-alpha.2
1
1.6.0-alpha.3
1
1.6.0-beta.0
1
1.6.0-beta.1
1
1.6.0-beta.2
1
1.6.0-beta.3
1
1.6.0-beta.4
1
1.6.0-rc.1
1
1.6.1
1
1.6.1-beta.0
1
1.6.14
1
1.6.2
1
1.6.2-beta.0
1
1.6.3
1
1.6.3-beta.0
1
1.6.3-beta.1
1
1.6.4
1
1.6.4-beta.0
1
1.6.4-beta.1
1
1.6.5
1
1.6.5-beta.0
1
1.7.17
1
1.8.15
1
1.9.11
1
1.9.12-beta0
1
1.9.5
1
1.9.9
1
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesWindows kube-proxy LoadBalancer contention
6.3
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesBypass of seccomp profile enforcement
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
6.5
First published (updated )
Kubernetes KubernetesBypassing policies imposed by the ImagePolicyWebhook admission plugin
6.5
First published (updated )
go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying
8.8
First published (updated )
Kubernetes KubernetesUnauthorized read of Custom Resources
6.5
First published (updated )
Kubernetes KubernetesrunAsNonRoot logic bypass for Windows containers
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesBypass of Kubernetes API Server proxy TOCTOU
3.5
First published (updated )
go/k8s.io/kubernetesANSI escape characters in kubectl output are not being filtered
3
First published (updated )
Kubernetes KubernetesWebhook redirect in kube-apiserver
4.1
First published (updated )
Kubernetes KubernetesSymlink Exchange Can Allow Host Filesystem Access
8.8
First published (updated )
Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack
4.9
First published (updated )
redhat/kubernetesValidating Admission Webhook does not observe some previous fields
6.5
First published (updated )
redhat/atomic-openshiftKubernetes man in the middle using LoadBalancer or ExternalIPs
6.3
First published (updated )
Kubernetes KubernetesCeph RBD adminSecrets exposed in logs when loglevel >= 4
5.5
First published (updated )
go/k8s.io/client-goIncomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/kubernetes/kubernetesDocker config secrets leaked when file is malformed and loglevel >= 4
5.5
First published (updated )
redhat/openshiftSecret leaks in logs for vSphere Provider kube-controller-manager
6.3
First published (updated )
Kubernetes KubernetesPrivilege escalation from compromised node to cluster
6.8
First published (updated )
redhat/kubernetesKubernetes node disk Denial of Service by writing to container /etc/hosts
5.5
First published (updated )
redhat/openshiftKubernetes node setting allows for neighboring hosts to bypass localhost boundary
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/k8s.io/kubernetesKubernetes kube-controller-manager SSRF
6.3
First published (updated )
Kubernetes KubernetesKubernetes kubelet denial of service
6.5
First published (updated )
Kubernetes KubernetesKubernetes API Server denial of service vulnerability from malicious YAML payloads
6.5
First published (updated )
Kubernetes KubernetesCredential leakage when failing to mount
6.5
First published (updated )
Kubernetes KubernetesKubernetes API server denial of service
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack
7.5
First published (updated )
Kubernetes Kuberneteskubectl cp allows symlink directory traversal
5.7
First published (updated )
Kubernetes KubernetesKubernetes kubelet exposes /debug/pprof info on healthz port
8.2
First published (updated )
Kubernetes KubernetesKubernetes client-go logs authorization headers at debug verbosity levels
6.5
First published (updated )
Kubernetes Kuberneteskubectl cp allows symlink directory traversal
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesKubernetes kube-apiserver allows access to custom resources via wrong scope
8.1
First published (updated )
Kubernetes Kuberneteskubectl cp allows symlink directory traversal
6.5
First published (updated )
Kubernetes Kuberneteskubelet-started container uid changes to root after first restart or if image is already pulled to the node
7.8
First published (updated )
Redhat Openshift Container Platformkubectl creates world-writeable cached schema files
First published (updated )
Kubernetes KubernetesIn Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesCloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network fi…
7.5
First published (updated )
Redhat Openshift Container PlatformWith a specially crafted request, users are able to establish a connection through the Kubernetes AP…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesKubernetes API server follows unvalidated redirects from streaming Kubelet endpoints
2.6
First published (updated )
Kubernetes KubernetesIn Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 cont…
7.1
First published (updated )
Kubernetes KubernetesIt was found that volume security can be sidestepped with innocent emptyDir and subpath. A pod could…
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.