Kubernetes — открытое программное обеспечение для оркестровки контейнеризированных приложений — автоматизации их развёртывания, масштабирования и координации в условиях кластера.
Релизный цикл, информация об уязвимостях
График релизов
Количество 318
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17. ...
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
CVE-2020-8557
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.
CVE-2020-8557
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17. ...
CVE-2020-8557
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.
CVE-2019-11252
The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.
CVE-2019-11252
The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulne ...
CVE-2019-11252
The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.
CVE-2020-8559
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
CVE-2020-8559
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions pri ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2020-8558 The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17. ... | CVSS3: 5.4 | 25% Средний | почти 5 лет назад |
 | CVE-2020-8558 The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. | CVSS3: 5.4 | 25% Средний | почти 5 лет назад |
 | CVE-2020-8557 The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail. | CVSS3: 5.5 | 0% Низкий | почти 5 лет назад |
| CVE-2020-8557 The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17. ... | CVSS3: 5.5 | 0% Низкий | почти 5 лет назад |
| CVE-2020-8557 The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail. | CVSS3: 5.5 | 0% Низкий | почти 5 лет назад |
| CVE-2019-11252 The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. | CVSS3: 5.9 | 0% Низкий | почти 5 лет назад |
| CVE-2019-11252 The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulne ... | CVSS3: 5.9 | 0% Низкий | почти 5 лет назад |
| CVE-2019-11252 The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. | CVSS3: 5.9 | 0% Низкий | почти 5 лет назад |
| CVE-2020-8559 The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. | CVSS3: 6.4 | 61% Средний | почти 5 лет назад |
| CVE-2020-8559 The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions pri ... | CVSS3: 6.4 | 61% Средний | почти 5 лет назад |
Уязвимостей на страницу