Latest medium severity vulnerabilities for "kubernetes kubernetes"

Kubernetes KubernetesWindows kube-proxy LoadBalancer contention

medium

6.3

First published (updated )

CVE-2021-25736

Kubernetes KubernetesBypass of seccomp profile enforcement

medium

5.5

First published (updated )

CVE-2023-2431

Kubernetes KubernetesBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

medium

6.5

First published (updated )

CVE-2023-2728

Kubernetes KubernetesBypassing policies imposed by the ImagePolicyWebhook admission plugin

medium

6.5

First published (updated )

CVE-2023-2727

Kubernetes KubernetesUnauthorized read of Custom Resources

medium

6.5

First published (updated )

CVE-2022-3162

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Kubernetes KubernetesWebhook redirect in kube-apiserver

medium

4.1

First published (updated )

CVE-2020-8561

Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack

medium

4.9

First published (updated )

CVE-2021-25737

redhat/kubernetesValidating Admission Webhook does not observe some previous fields

medium

6.5

First published (updated )

CVE-2021-25735

redhat/atomic-openshiftKubernetes man in the middle using LoadBalancer or ExternalIPs

medium

6.3

First published (updated )

CVE-2020-8554

Kubernetes KubernetesCeph RBD adminSecrets exposed in logs when loglevel >= 4

medium

5.5

First published (updated )

CVE-2020-8566

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

go/k8s.io/client-goIncomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9

medium

5.5

First published (updated )

CVE-2020-8565

go/github.com/kubernetes/kubernetesDocker config secrets leaked when file is malformed and loglevel >= 4

medium

5.5

First published (updated )

CVE-2020-8564

redhat/openshiftSecret leaks in logs for vSphere Provider kube-controller-manager

medium

6.3

First published (updated )

CVE-2020-8563

Kubernetes KubernetesPrivilege escalation from compromised node to cluster

medium

6.8

First published (updated )

CVE-2020-8559

redhat/kubernetesKubernetes node disk Denial of Service by writing to container /etc/hosts

medium

5.5

First published (updated )

CVE-2020-8557

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

go/k8s.io/kubernetesKubernetes kube-controller-manager SSRF

medium

6.3

First published (updated )

CVE-2020-8555

Kubernetes KubernetesKubernetes kubelet denial of service

medium

6.5

First published (updated )

CVE-2020-8551

Kubernetes KubernetesKubernetes API Server denial of service vulnerability from malicious YAML payloads

medium

6.5

First published (updated )

CVE-2019-11254

Kubernetes KubernetesCredential leakage when failing to mount

medium

6.5

First published (updated )

CVE-2019-11252

Kubernetes KubernetesKubernetes API server denial of service

medium

5.3

First published (updated )

CVE-2020-8552

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

medium

5.7

First published (updated )

CVE-2019-11251

Kubernetes KubernetesKubernetes client-go logs authorization headers at debug verbosity levels

medium

6.5

First published (updated )

CVE-2019-11250

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

medium

6.5

First published (updated )

CVE-2019-11249

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

medium

6.5

First published (updated )

CVE-2019-11246

Redhat Openshift Container Platformkubectl creates world-writeable cached schema files

medium

5

First published (updated )

CVE-2019-11244

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Kubernetes Kuberneteskubectl cp path traversal

medium

6.4

First published (updated )

CVE-2019-1002101

go/k8s.io/kubernetesInput Validation

medium

6.5

First published (updated )

CVE-2019-1002100

Kubernetes KubernetesInput Validation

medium

5.5

First published (updated )

CVE-2018-1002100

Kubernetes KubernetesInfoleak

medium

6.5

First published (updated )

CVE-2017-1002100

Redhat OpenshiftInfoleak

medium

5.3

First published (updated )

CVE-2015-7528

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Versions

Kubernetes KubernetesWindows kube-proxy LoadBalancer contention

Kubernetes KubernetesBypass of seccomp profile enforcement

Kubernetes KubernetesBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Kubernetes KubernetesBypassing policies imposed by the ImagePolicyWebhook admission plugin

Kubernetes KubernetesUnauthorized read of Custom Resources

Never miss a vulnerability like this again

Kubernetes KubernetesWebhook redirect in kube-apiserver

Kubernetes KubernetesHoles in EndpointSlice Validation Enable Host Network Hijack

redhat/kubernetesValidating Admission Webhook does not observe some previous fields

redhat/atomic-openshiftKubernetes man in the middle using LoadBalancer or ExternalIPs

Kubernetes KubernetesCeph RBD adminSecrets exposed in logs when loglevel >= 4

Never miss a vulnerability like this again

go/k8s.io/client-goIncomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9

go/github.com/kubernetes/kubernetesDocker config secrets leaked when file is malformed and loglevel >= 4

redhat/openshiftSecret leaks in logs for vSphere Provider kube-controller-manager

Kubernetes KubernetesPrivilege escalation from compromised node to cluster

redhat/kubernetesKubernetes node disk Denial of Service by writing to container /etc/hosts

Never miss a vulnerability like this again

go/k8s.io/kubernetesKubernetes kube-controller-manager SSRF

Kubernetes KubernetesKubernetes kubelet denial of service

Kubernetes KubernetesKubernetes API Server denial of service vulnerability from malicious YAML payloads

Kubernetes KubernetesCredential leakage when failing to mount

Kubernetes KubernetesKubernetes API server denial of service

Never miss a vulnerability like this again

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

Kubernetes KubernetesKubernetes client-go logs authorization headers at debug verbosity levels

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

Redhat Openshift Container Platformkubectl creates world-writeable cached schema files

Never miss a vulnerability like this again

Kubernetes Kuberneteskubectl cp path traversal

go/k8s.io/kubernetesInput Validation

Kubernetes KubernetesInput Validation

Kubernetes KubernetesInfoleak

Redhat OpenshiftInfoleak

Never miss a vulnerability like this again

Company

Resources

Contact