Kubernetes — открытое программное обеспечение для оркестровки контейнеризированных приложений — автоматизации их развёртывания, масштабирования и координации в условиях кластера.
Релизный цикл, информация об уязвимостях
График релизов
Количество 318
GHSA-mfv7-gq43-w965
Incomplete List of Disallowed Inputs in Kubernetes
CVE-2021-25737
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
CVE-2021-25737
A security issue was discovered in Kubernetes where a user may be able ...
CVE-2021-25735
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
CVE-2021-25735
A security issue was discovered in kube-apiserver that could allow nod ...
CVE-2021-25735
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
CVE-2021-25737
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
BDU:2022-02241
Уязвимость программного средства управления кластерами виртуальных машин Kubernetes, связанная с использованием открытой переадресации, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
BDU:2022-01837
Уязвимость программного средства управления кластерами виртуальных машин Kubernetes, связанная с ошибками при обработке гипертекстовых ссылок, позволяющая нарушителю получить доступ к конфиденциальным данным
CVE-2021-25740
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-mfv7-gq43-w965 Incomplete List of Disallowed Inputs in Kubernetes | CVSS3: 4.8 | 1% Низкий | почти 4 года назад |
 | CVE-2021-25737 A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs. | CVSS3: 2.7 | 1% Низкий | почти 4 года назад |
| CVE-2021-25737 A security issue was discovered in Kubernetes where a user may be able ... | CVSS3: 2.7 | 1% Низкий | почти 4 года назад |
| CVE-2021-25735 A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields. | CVSS3: 6.5 | 18% Средний | почти 4 года назад |
| CVE-2021-25735 A security issue was discovered in kube-apiserver that could allow nod ... | CVSS3: 6.5 | 18% Средний | почти 4 года назад |
 | CVE-2021-25735 A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields. | CVSS3: 6.5 | 18% Средний | почти 4 года назад |
| CVE-2021-25737 A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs. | CVSS3: 2.7 | 1% Низкий | почти 4 года назад |
 | BDU:2022-02241 Уязвимость программного средства управления кластерами виртуальных машин Kubernetes, связанная с использованием открытой переадресации, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность | CVSS3: 4.8 | 1% Низкий | почти 4 года назад |
| BDU:2022-01837 Уязвимость программного средства управления кластерами виртуальных машин Kubernetes, связанная с ошибками при обработке гипертекстовых ссылок, позволяющая нарушителю получить доступ к конфиденциальным данным | CVSS3: 4.1 | 0% Низкий | почти 4 года назад |
 | CVE-2021-25740 A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. | CVSS3: 3.1 | 1% Низкий | почти 4 года назад |
Уязвимостей на страницу