Filters
Software
kubernetes kubernetes
56
kubernetes cri-o
10
kubernetes ingress-nginx
8
kubernetes minikube
3
kubernetes java
2
kubernetes apiserver
1
kubernetes aws-iam-authenticator
1
kubernetes container storage interface snapshotter
1
kubernetes continuous deploy
1
kubernetes csi proxy
1
kubernetes dashboard
1
kubernetes external-provisioner
1
kubernetes external-resizer
1
kubernetes external-snapshotter
1
kubernetes kube-apiserver
1
kubernetes kube-state-metrics
1
kubernetes nginx ingress controller
1
kubernetes operations
1
kubernetes secrets store csi driver
1
kubernetes secrets-store-csi-driver
1
Redhat Openshift Container PlatformCri-o: malicious container can create symlink on host
8.1
EPSS
0.04%
First published (updated )
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesWindows kube-proxy LoadBalancer contention
6.3
First published (updated )
Kubernetes ingress-nginxIngress-nginx `path` sanitization can be bypassed with `log_format` directive
8.8
First published (updated )
Kubernetes ingress-nginxIngress nginx annotation injection causes arbitrary command execution
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes ingress-nginxCode injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
8.8
First published (updated )
Kubernetes OperationsPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
8.8
First published (updated )
Kubernetes Csi ProxyKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesBypass of seccomp profile enforcement
5.5
First published (updated )
Kubernetes KubernetesBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
6.5
First published (updated )
Kubernetes KubernetesBypassing policies imposed by the ImagePolicyWebhook admission plugin
6.5
First published (updated )
Kubernetes secrets-store-csi-driverKubernetes secrets-store-csi-driver discloses service account tokens in logs
6.5
First published (updated )
Kubernetes Minikube[minikube] ssh server with default password
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with newline character
7.6
First published (updated )
Kubernetes Minikube[minikube] Network Port exposure in minikube running on macOS using Docker driver
9.8
First published (updated )
go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying
8.8
First published (updated )
Redhat Openshift Container Platform For Arm64Cri-o: /etc/passwd tampering privesc
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesUnauthorized read of Custom Resources
6.5
First published (updated )
Redhat Openshift Container PlatformCri-o: security regression of cve-2022-27652
5.3
First published (updated )
Kubernetes ApiserverKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
8.2
First published (updated )
Kubernetes KubernetesrunAsNonRoot logic bypass for Windows containers
7.8
First published (updated )
redhat/cri-oIncorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive…
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Aws-iam-authenticatorAccessKeyID validation bypass
8.8
First published (updated )
redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…
7.8
First published (updated )
Kubernetes ingress-nginxIngress-nginx path can be pointed to service account token file
8.1
First published (updated )
Kubernetes ingress-nginxIngress-nginx directive injection via annotations
7.6
First published (updated )
redhat/cri-oA flaw was found in cri-o, where containers were incorrectly started with non-empty default permissi…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Continuous DeployA missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows a…
6.5
First published (updated )
Kubernetes KubernetesBypass of Kubernetes API Server proxy TOCTOU
3.5
First published (updated )
redhat/cri-oAn incorrect sysctls validation vulnerability was found in CRI-O. The sysctls from the list of "safe…
4.9
First published (updated )
go/k8s.io/kubernetesANSI escape characters in kubectl output are not being filtered
3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes ingress-nginxIngress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
7.6
First published (updated )
Kubernetes KubernetesWebhook redirect in kube-apiserver
4.1
First published (updated )
Kubernetes KubernetesSymlink Exchange Can Allow Host Filesystem Access
8.8
First published (updated )
Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack
4.9
First published (updated )
redhat/kubernetesValidating Admission Webhook does not observe some previous fields
6.5
First published (updated )
Kubernetes Container Storage Interface SnapshotterKubernetes CSI snapshot-controller DoS
6.5
First published (updated )
Kubernetes JavaKubernetes Java client libraries unvalidated path traversal in Copy implementation
9.1
First published (updated )
Kubernetes Secrets Store CSI DriverKubernetes Secrets Store CSI Driver sync/rotate directory traversal
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/atomic-openshiftKubernetes man in the middle using LoadBalancer or ExternalIPs
6.3
First published (updated )
Kubernetes KubernetesCeph RBD adminSecrets exposed in logs when loglevel >= 4
5.5
First published (updated )
go/k8s.io/client-goIncomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9
5.5
First published (updated )
go/github.com/kubernetes/kubernetesDocker config secrets leaked when file is malformed and loglevel >= 4
5.5
First published (updated )
redhat/openshiftSecret leaks in logs for vSphere Provider kube-controller-manager
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.