Count: 320
Vulnerability | CVSS | EPSS | Published
---|---|---|---
GHSA-qhm4-jxv7-j9pq Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes | CVSS3: 4.3 | 0% Low | more than 3 years ago
GHSA-qh36-44jv-c8xj Potential proxy IP restriction bypass in Kubernetes | CVSS3: 3.1 | 0% Low | more than 3 years ago
GHSA-qc2g-gmh6-95p4 kube-apiserver vulnerable to policy bypass | CVSS3: 6.5 | 0% Low | about 2 years ago
GHSA-q78c-gwqw-jcmc Kubernetes privilege escalation vulnerability | CVSS3: 8.8 | 1% Low | almost 2 years ago
GHSA-mm7g-f2gg-cw8g Kubernetes arbitrary file overwrite | CVSS3: 5.6 | 0% Low | about 3 years ago
GHSA-mfv7-gq43-w965 Incomplete List of Disallowed Inputs in Kubernetes | CVSS3: 4.8 | 1% Low | almost 4 years ago
GHSA-m3fm-h5jp-q79p Authorization bypass in Openshift | CVSS3: 9.8 | 2% Low | more than 3 years ago
GHSA-jh36-q97c-9928 Kubernetes vulnerable to validation bypass | CVSS3: 8.8 | 0% Low | more than 2 years ago
GHSA-hq6q-c2x6-hmch Kubernetes Improper Input Validation vulnerability | CVSS3: 8.8 | 21% Medium | more than 1 year ago
GHSA-g42g-737j-qx6j Access Restriction Bypass in kube-apiserver | CVSS3: 6.5 | 18% Medium | about 4 years ago
GHSA-g2r3-4g8q-h5rj Missing authorization in Jenkins Kubernetes Plugin | CVSS3: 4.3 | 0% Low | about 3 years ago
GHSA-fqg2-c97r-rqcj Exposure of Sensitive Information in Jenkins Kubernetes Plugin | CVSS3: 8.8 | 0% Low | about 3 years ago
GHSA-fh5w-p2j4-4p8x Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Kubernetes Plugin | CVSS3: 4.3 | 0% Low | about 3 years ago
GHSA-f9jg-8p32-2f55 kubectl ANSI escape characters not filtered | CVSS3: 3 | 0% Low | more than 3 years ago
GHSA-f5f7-6478-qm6p Files or Directories Accessible to External Parties in kubernetes | CVSS3: 8.1 | 29% Medium | almost 4 years ago
GHSA-cgcv-5272-97pr Kubernetes mountable secrets policy bypass | CVSS3: 6.5 | 4% Low | about 2 years ago
GHSA-9frv-h2cf-52wh The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. | CVSS3: 8.2 | 91% Critical | about 3 years ago
GHSA-8wj5-gvvw-f5fh The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user's machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user's machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.12.9, versions prior to 1.13.6, versions prior to 1.14.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11. | | 2% Low | about 3 years ago
GHSA-8mjg-8c8g-6h85 Kubernetes Sensitive Information leak via Log File | CVSS3: 4.7 | 0% Low | more than 2 years ago
GHSA-8cfg-vx93-jvxw Kubernetes client-go vulnerable to Sensitive Information Leak via Log File | CVSS3: 4.7 | 0% Low | more than 2 years ago