Filter
Software
kubernetes kubernetes
56
kubernetes cri-o
10
kubernetes ingress-nginx
8
kubernetes minikube
3
kubernetes image builder
2
kubernetes java
2
kubernetes apiserver
1
kubernetes aws-iam-authenticator
1
kubernetes container storage interface snapshotter
1
kubernetes continuous deploy
1
kubernetes csi proxy
1
kubernetes dashboard
1
kubernetes external-provisioner
1
kubernetes external-resizer
1
kubernetes external-snapshotter
1
kubernetes kube-apiserver
1
kubernetes kube-state-metrics
1
kubernetes nginx ingress controller
1
kubernetes operations
1
kubernetes secrets store csi driver
1
kubernetes secrets-store-csi-driver
1
go/github.com/kubernetes-sigs/image-builderVM images built with Image Builder and Proxmox provider use default credentials
9.8
EPSS
0.07%
First published (updated )
go/github.com/kubernetes-sigs/image-builderVM images built with Image Builder with some providers use default credentials during builds
8.1
EPSS
0.06%
First published (updated )
Redhat Openshift Container PlatformCri-o: malicious container can create symlink on host
8.1
EPSS
0.04%
First published (updated )
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesWindows kube-proxy LoadBalancer contention
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes ingress-nginxIngress-nginx `path` sanitization can be bypassed with `log_format` directive
8.8
First published (updated )
go/k8s.io/ingress-nginxIngress nginx annotation injection causes arbitrary command execution
8.8
First published (updated )
Kubernetes ingress-nginxCode injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
8.8
First published (updated )
Kubernetes OperationsPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
8.8
First published (updated )
Kubernetes Csi ProxyKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesBypass of seccomp profile enforcement
5.5
First published (updated )
Kubernetes KubernetesBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
6.5
First published (updated )
Kubernetes KubernetesBypassing policies imposed by the ImagePolicyWebhook admission plugin
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes secrets-store-csi-driverKubernetes secrets-store-csi-driver discloses service account tokens in logs
6.5
First published (updated )
Kubernetes Minikube[minikube] ssh server with default password
8.4
First published (updated )
go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with newline character
7.6
First published (updated )
Kubernetes Minikube[minikube] Network Port exposure in minikube running on macOS using Docker driver
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying
8.8
First published (updated )
Redhat Openshift Container Platform For Arm64Cri-o: /etc/passwd tampering privesc
7.8
First published (updated )
Kubernetes KubernetesUnauthorized read of Custom Resources
6.5
First published (updated )
Redhat Openshift Container PlatformCri-o: security regression of cve-2022-27652
5.3
First published (updated )
Kubernetes ApiserverKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesrunAsNonRoot logic bypass for Windows containers
7.8
First published (updated )
redhat/cri-oIncorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive…
7.1
First published (updated )
Kubernetes Aws-iam-authenticatorAccessKeyID validation bypass
8.8
First published (updated )
redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…
7.8
First published (updated )
Kubernetes ingress-nginxIngress-nginx path can be pointed to service account token file
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.