Count: 326
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| GHSA-qhm4-jxv7-j9pq Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes | CVSS3: 4.3 | 1% Low | almost 4 years ago |
| GHSA-qh36-44jv-c8xj Potential proxy IP restriction bypass in Kubernetes | CVSS3: 3.1 | 0% Low | almost 4 years ago |
| GHSA-qc2g-gmh6-95p4 kube-apiserver vulnerable to policy bypass | CVSS3: 6.5 | 0% Low | more than 2 years ago |
| GHSA-q78c-gwqw-jcmc Kubernetes privilege escalation vulnerability | CVSS3: 8.8 | 1% Low | about 2 years ago |
| GHSA-mm7g-f2gg-cw8g Kubernetes arbitrary file overwrite | CVSS3: 5.6 | 0% Low | more than 3 years ago |
| GHSA-mfv7-gq43-w965 Incomplete List of Disallowed Inputs in Kubernetes | CVSS3: 4.8 | 0% Low | more than 4 years ago |
| GHSA-m3fm-h5jp-q79p Authorization bypass in Openshift | CVSS3: 9.8 | 2% Low | almost 4 years ago |
| GHSA-jh36-q97c-9928 Kubernetes vulnerable to validation bypass | CVSS3: 8.8 | 1% Low | almost 3 years ago |
| GHSA-hq6q-c2x6-hmch Kubernetes Improper Input Validation vulnerability | CVSS3: 8.8 | 19% Medium | about 2 years ago |
| GHSA-g42g-737j-qx6j Access Restriction Bypass in kube-apiserver | CVSS3: 6.5 | 18% Medium | more than 4 years ago |
| GHSA-g2r3-4g8q-h5rj Missing authorization in Jenkins Kubernetes Plugin | CVSS3: 4.3 | 0% Low | more than 3 years ago |
| GHSA-fqg2-c97r-rqcj Exposure of Sensitive Information in Jenkins Kubernetes Plugin | CVSS3: 8.8 | 0% Low | more than 3 years ago |
| GHSA-fh5w-p2j4-4p8x Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Kubernetes Plugin | CVSS3: 4.3 | 0% Low | more than 3 years ago |
| GHSA-f9jg-8p32-2f55 kubectl ANSI escape characters not filtered | CVSS3: 3 | 0% Low | almost 4 years ago |
| GHSA-f5f7-6478-qm6p Files or Directories Accessible to External Parties in kubernetes | CVSS3: 8.1 | 33% Medium | about 4 years ago |
| GHSA-cgcv-5272-97pr Kubernetes mountable secrets policy bypass | CVSS3: 6.5 | 5% Low | more than 2 years ago |
| GHSA-9frv-h2cf-52wh The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. | CVSS3: 8.2 | 91% Critical | more than 3 years ago |
| GHSA-8wj5-gvvw-f5fh The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user's machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user's machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.12.9, versions prior to 1.13.6, versions prior to 1.14.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11. | | 2% Low | more than 3 years ago |
| GHSA-8mjg-8c8g-6h85 Kubernetes Sensitive Information leak via Log File | CVSS3: 4.7 | 0% Low | almost 3 years ago |
| GHSA-8cfg-vx93-jvxw Kubernetes client-go vulnerable to Sensitive Information Leak via Log File | CVSS3: 4.7 | 0% Low | almost 3 years ago |