Kubernetes — открытое программное обеспечение для оркестровки контейнеризированных приложений — автоматизации их развёртывания, масштабирования и координации в условиях кластера.
Релизный цикл, информация об уязвимостях
График релизов
Количество 326
GHSA-wxc4-f4m6-wwqv
Excessive Platform Resource Consumption within a Loop in Kubernetes
GHSA-f5f7-6478-qm6p
Files or Directories Accessible to External Parties in kubernetes
BDU:2021-06196
Уязвимость программы для оркестровки контейнеризированных приложений Kubernetes, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти введенные ограничения безопасности
GHSA-vw47-mr44-3jf9
Confused Deputy in Kubernetes
GHSA-74j8-88mm-7496
Confused Deputy in Kubernetes
CVE-2021-25741
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.
CVE-2021-25741
A security issue was discovered in Kubernetes where a user may be able ...
CVE-2021-25740
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
CVE-2021-25740
A security issue was discovered with Kubernetes that could enable user ...
CVE-2020-8561
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-wxc4-f4m6-wwqv Excessive Platform Resource Consumption within a Loop in Kubernetes | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-f5f7-6478-qm6p Files or Directories Accessible to External Parties in kubernetes | CVSS3: 8.1 | 33% Средний | около 4 лет назад |
 | BDU:2021-06196 Уязвимость программы для оркестровки контейнеризированных приложений Kubernetes, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти введенные ограничения безопасности | CVSS3: 8.8 | 33% Средний | около 4 лет назад |
| GHSA-vw47-mr44-3jf9 Confused Deputy in Kubernetes | CVSS3: 3.1 | 1% Низкий | около 4 лет назад |
| GHSA-74j8-88mm-7496 Confused Deputy in Kubernetes | CVSS3: 4.1 | 0% Низкий | около 4 лет назад |
 | CVE-2021-25741 A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | CVSS3: 8.8 | 33% Средний | около 4 лет назад |
| CVE-2021-25741 A security issue was discovered in Kubernetes where a user may be able ... | CVSS3: 8.8 | 33% Средний | около 4 лет назад |
| CVE-2021-25740 A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. | CVSS3: 3.1 | 1% Низкий | около 4 лет назад |
| CVE-2021-25740 A security issue was discovered with Kubernetes that could enable user ... | CVSS3: 3.1 | 1% Низкий | около 4 лет назад |
| CVE-2020-8561 A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs. | CVSS3: 4.1 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу