Filtered by vendor Kubernetes
Subscriptions
Total
97 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-3294 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 6.6 Medium |
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network. | ||||
CVE-2022-3172 | 2 Kubernetes, Redhat | 3 Apiserver, Openshift, Openshift Data Foundation | 2024-11-21 | 5.1 Medium |
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. | ||||
CVE-2022-3162 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 6.5 Medium |
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | ||||
CVE-2022-2995 | 2 Kubernetes, Redhat | 2 Cri-o, Openshift | 2024-11-21 | 7.1 High |
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | ||||
CVE-2022-2385 | 1 Kubernetes | 1 Aws-iam-authenticator | 2024-11-21 | 8.1 High |
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. | ||||
CVE-2022-27652 | 4 Fedoraproject, Kubernetes, Mobyproject and 1 more | 5 Fedora, Cri-o, Moby and 2 more | 2024-11-21 | 5.3 Medium |
A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. | ||||
CVE-2022-1708 | 3 Fedoraproject, Kubernetes, Redhat | 5 Fedora, Cri-o, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. | ||||
CVE-2022-0811 | 2 Kubernetes, Redhat | 2 Cri-o, Openshift | 2024-11-21 | 8.8 High |
A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. | ||||
CVE-2022-0532 | 2 Kubernetes, Redhat | 3 Cri-o, Openshift, Openshift Container Platform | 2024-11-21 | 4.2 Medium |
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace. | ||||
CVE-2021-25749 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 7.8 High |
Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. | ||||
CVE-2021-25748 | 1 Kubernetes | 1 Ingress-nginx | 2024-11-21 | 7.6 High |
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | ||||
CVE-2021-25746 | 1 Kubernetes | 1 Ingress-nginx | 2024-11-21 | 7.6 High |
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | ||||
CVE-2021-25745 | 1 Kubernetes | 1 Ingress-nginx | 2024-11-21 | 7.6 High |
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | ||||
CVE-2021-25743 | 1 Kubernetes | 1 Kubernetes | 2024-11-21 | 3 Low |
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events. | ||||
CVE-2021-25742 | 2 Kubernetes, Netapp | 2 Ingress-nginx, Trident | 2024-11-21 | 7.6 High |
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster. | ||||
CVE-2021-25741 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 8.8 High |
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | ||||
CVE-2021-25740 | 1 Kubernetes | 1 Kubernetes | 2024-11-21 | 3.1 Low |
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. | ||||
CVE-2021-25738 | 1 Kubernetes | 1 Java | 2024-11-21 | 6.7 Medium |
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. | ||||
CVE-2021-25737 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 2.7 Low |
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs. | ||||
CVE-2021-25736 | 3 Kubernetes, Microsoft, Redhat | 3 Kubernetes, Windows, Openshift | 2024-11-21 | 5.8 Medium |
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the LoadBalancer controller sets the “status.loadBalancer.ingress[].ip” field are unaffected. |