Filter
AND

go/github.com/kubernetes-sigs/image-builderVM images built with Image Builder with some providers use default credentials during builds

8.1
EPSS
0.06%
First published (updated )

Redhat Openshift Container PlatformCri-o: malicious container can create symlink on host

8.1
EPSS
0.04%
First published (updated )

go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

8.8
First published (updated )

Kubernetes ingress-nginxIngress-nginx `path` sanitization can be bypassed with `log_format` directive

8.8
First published (updated )

go/k8s.io/ingress-nginxIngress nginx annotation injection causes arbitrary command execution

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes ingress-nginxCode injection via nginx.ingress.kubernetes.io/permanent-redirect annotation

8.8
First published (updated )

Kubernetes OperationsPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode

8.8
First published (updated )

Kubernetes Csi ProxyKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation

8.8
First published (updated )

Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation

8.8
First published (updated )

Kubernetes KubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes Minikube[minikube] ssh server with default password

8.4
First published (updated )

go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with newline character

7.6
First published (updated )

go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying

8.8
First published (updated )

Redhat Openshift Container Platform For Arm64Cri-o: /etc/passwd tampering privesc

7.8
First published (updated )

Kubernetes ApiserverKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes KubernetesrunAsNonRoot logic bypass for Windows containers

7.8
First published (updated )

redhat/cri-oIncorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive…

7.1
First published (updated )

Kubernetes Aws-iam-authenticatorAccessKeyID validation bypass

8.8
First published (updated )

redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…

7.8
First published (updated )

Kubernetes ingress-nginxIngress-nginx path can be pointed to service account token file

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes ingress-nginxIngress-nginx directive injection via annotations

7.6
First published (updated )

Kubernetes ingress-nginxIngress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces

7.6
First published (updated )

Kubernetes KubernetesSymlink Exchange Can Allow Host Filesystem Access

8.8
First published (updated )

redhat/openshiftKubernetes node setting allows for neighboring hosts to bypass localhost boundary

8.8
First published (updated )

Kubernetes KubernetesKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes KubernetesKubernetes kubelet exposes /debug/pprof info on healthz port

8.2
First published (updated )

Kubernetes KubernetesKubernetes kube-apiserver allows access to custom resources via wrong scope

8.1
First published (updated )

Kubernetes Kuberneteskubelet-started container uid changes to root after first restart or if image is already pulled to the node

7.8
First published (updated )

Kubernetes KubernetesIn Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of…

8.1
First published (updated )

Kubernetes KubernetesCloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network fi…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes DashboardKubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Ser…

7.5
First published (updated )

go/k8s.io/minikubeCSRF, Input Validation

8.8
First published (updated )

Kubernetes CRI-OKubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnera…

8.8
First published (updated )

Kubernetes KubernetesIn Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 cont…

7.1
First published (updated )

Redhat OpenshiftUpstream reports: Clients using SSL certs for auth show the subject CN of their intermediate cert no…

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/openshiftThe API server in Kubernetes does not properly check admission control, which allows remote authenti…

7.7
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203