Filters
Software
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
8.8
First published (updated )
Kubernetes ingress-nginxIngress-nginx `path` sanitization can be bypassed with `log_format` directive
8.8
First published (updated )
Kubernetes ingress-nginxIngress nginx annotation injection causes arbitrary command execution
8.8
First published (updated )
Kubernetes ingress-nginxCode injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
8.8
First published (updated )
Kubernetes OperationsPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Csi ProxyKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Kubernetes Minikube[minikube] ssh server with default password
8.4
First published (updated )
go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with newline character
7.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying
8.8
First published (updated )
Redhat Openshift Container Platform For Arm64Cri-o: /etc/passwd tampering privesc
7.8
First published (updated )
Kubernetes ApiserverKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
8.2
First published (updated )
Kubernetes KubernetesrunAsNonRoot logic bypass for Windows containers
7.8
First published (updated )
redhat/cri-oIncorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive…
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Aws-iam-authenticatorAccessKeyID validation bypass
8.8
First published (updated )
redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…
7.8
First published (updated )
Kubernetes ingress-nginxIngress-nginx path can be pointed to service account token file
8.1
First published (updated )
Kubernetes ingress-nginxIngress-nginx directive injection via annotations
7.6
First published (updated )
Kubernetes ingress-nginxIngress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
7.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubernetesSymlink Exchange Can Allow Host Filesystem Access
8.8
First published (updated )
redhat/openshiftKubernetes node setting allows for neighboring hosts to bypass localhost boundary
8.8
First published (updated )
Kubernetes KubernetesKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack
7.5
First published (updated )
Kubernetes KubernetesKubernetes kubelet exposes /debug/pprof info on healthz port
8.2
First published (updated )
Kubernetes KubernetesKubernetes kube-apiserver allows access to custom resources via wrong scope
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Kuberneteskubelet-started container uid changes to root after first restart or if image is already pulled to the node
7.8
First published (updated )
Kubernetes KubernetesIn Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of…
8.1
First published (updated )
Kubernetes KubernetesCloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network fi…
7.5
First published (updated )
Kubernetes DashboardKubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Ser…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes CRI-OKubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnera…
8.8
First published (updated )
Kubernetes KubernetesIn Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 cont…
7.1
First published (updated )
Redhat OpenshiftUpstream reports: Clients using SSL certs for auth show the subject CN of their intermediate cert no…
8.1
First published (updated )
redhat/openshiftThe API server in Kubernetes does not properly check admission control, which allows remote authenti…
7.7
First published (updated )