Filtered by vendor Kubernetes
Subscribe
Total
90 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11246 | 1 Kubernetes | 1 Kubernetes | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.12.9, versions prior to 1.13.6, versions prior to 1.14.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11. | |||||
| CVE-2019-1002101 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift Container Platform | 2023-11-07 | 5.8 MEDIUM | 5.5 MEDIUM |
| The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. | |||||
| CVE-2019-1002100 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift Container Platform | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server. | |||||
| CVE-2018-18264 | 1 Kubernetes | 1 Dashboard | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. | |||||
| CVE-2018-1002105 | 3 Kubernetes, Netapp, Redhat | 3 Kubernetes, Trident, Openshift Container Platform | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection. | |||||
| CVE-2018-1002102 | 2 Fedoraproject, Kubernetes | 2 Fedora, Kubernetes | 2023-11-07 | 2.1 LOW | 2.6 LOW |
| Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet. | |||||
| CVE-2023-1943 | 1 Kubernetes | 1 Operations | 2023-10-18 | N/A | 8.8 HIGH |
| Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode. | |||||
| CVE-2023-2878 | 1 Kubernetes | 1 Secrets-store-csi-driver | 2023-10-02 | N/A | 5.5 MEDIUM |
| Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. | |||||
| CVE-2023-2728 | 1 Kubernetes | 1 Kubernetes | 2023-08-03 | N/A | 6.5 MEDIUM |
| Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. | |||||
| CVE-2023-2727 | 1 Kubernetes | 1 Kubernetes | 2023-08-03 | N/A | 6.5 MEDIUM |
| Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. | |||||
| CVE-2022-1708 | 3 Fedoraproject, Kubernetes, Redhat | 4 Fedora, Cri-o, Enterprise Linux and 1 more | 2023-07-24 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. | |||||
| CVE-2023-2431 | 2 Fedoraproject, Kubernetes | 2 Fedora, Kubernetes | 2023-07-01 | N/A | 5.5 MEDIUM |
| A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet. | |||||
| CVE-2021-25735 | 1 Kubernetes | 1 Kubernetes | 2023-06-26 | 5.5 MEDIUM | 6.5 MEDIUM |
| A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields. | |||||
| CVE-2021-25748 | 1 Kubernetes | 1 Ingress-nginx | 2023-06-01 | N/A | 6.5 MEDIUM |
| A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | |||||
| CVE-2023-1944 | 1 Kubernetes | 1 Minikube | 2023-06-01 | N/A | 7.8 HIGH |
| This vulnerability enables ssh access to minikube container using a default password. | |||||
| CVE-2021-25749 | 1 Kubernetes | 1 Kubernetes | 2023-06-01 | N/A | 7.8 HIGH |
| Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. | |||||
| CVE-2023-1174 | 2 Apple, Kubernetes | 2 Macos, Minikube | 2023-05-31 | N/A | 9.8 CRITICAL |
| This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container. | |||||
| CVE-2022-3162 | 1 Kubernetes | 1 Kubernetes | 2023-05-11 | N/A | 6.5 MEDIUM |
| Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | |||||
| CVE-2022-3294 | 1 Kubernetes | 1 Kubernetes | 2023-05-05 | N/A | 8.8 HIGH |
| Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network. | |||||
| CVE-2016-1906 | 1 Kubernetes | 1 Kubernetes | 2023-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed. | |||||