Kubernetes is open-source software for orchestrating containerized applications: automating their deployment, scaling, and coordination in a cluster.
Release cycle, vulnerability information
Release schedule
Count: 318
Vulnerability | CVSS | EPSS | Published |
---|---|---|---|
GHSA-fp37-c92q-4pwq Kubernetes kube-apiserver unauthorized access | CVSS3: 8.1 | 0% Low | about 3 years ago |
GHSA-jmrx-5g74-6v2f Kubernetes client-go library logs may disclose credentials to unauthorized users | CVSS3: 6.5 | 1% Low | about 3 years ago |
GHSA-gc2p-g4fg-29vh Kubernetes did not effectively clear service account credentials | CVSS3: 8.1 | 0% Low | about 3 years ago |
GHSA-rj88-p797-v9xw Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal. | CVSS3: 6.5 | 0% Low | about 3 years ago |
GHSA-v67x-gpg7-mwv3 Exposure of Sensitive Information in Jenkins Kubernetes Plugin | CVSS3: 6.5 | 0% Low | about 3 years ago |
GHSA-fqg2-c97r-rqcj Exposure of Sensitive Information in Jenkins Kubernetes Plugin | CVSS3: 8.8 | 0% Low | about 3 years ago |
GHSA-7w66-j2r2-vm3p It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate. | CVSS3: 8.1 | 0% Low | about 3 years ago |
GHSA-mm7g-f2gg-cw8g Kubernetes arbitrary file overwrite | CVSS3: 5.6 | 0% Low | about 3 years ago |
GHSA-rqgw-vh6p-qf7j In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem. | CVSS3: 9.6 | 33% Medium | about 3 years ago |
GHSA-2jq6-ffph-p4h8 Kubernetes arbitrary file overwrite | CVSS3: 5.5 | 1% Low | about 3 years ago |