Количество 13
Количество 13
BDU:2024-04110
Уязвимость компонента KUBE-APISERVER программного средства управления кластерами виртуальных машин Kubernetes, позволяющая нарушителю запускать контейнеры в обход политики безопасности
CVE-2024-3177
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
CVE-2024-3177
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
CVE-2024-3177
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
CVE-2024-3177
CVE-2024-3177
A security issue was discovered in Kubernetes where users may be able ...
SUSE-SU-2024:1404-1
Security update for kubernetes1.23
SUSE-SU-2024:1403-1
Security update for kubernetes1.24
ROS-20240522-03
Уязвимость kubernetes
GHSA-pxhw-596r-rwq5
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
SUSE-SU-2025:02423-2
Security update for kubernetes1.23
SUSE-SU-2024:3343-1
Security update for kubernetes1.24
SUSE-SU-2024:3341-1
Security update for kubernetes1.23
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-04110 Уязвимость компонента KUBE-APISERVER программного средства управления кластерами виртуальных машин Kubernetes, позволяющая нарушителю запускать контейнеры в обход политики безопасности | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
 | CVE-2024-3177 A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
 | CVE-2024-3177 A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
 | CVE-2024-3177 A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
 | CVSS3: 2.7 | 7% Низкий | больше 1 года назад | |
| CVE-2024-3177 A security issue was discovered in Kubernetes where users may be able ... | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
 | SUSE-SU-2024:1404-1 Security update for kubernetes1.23 | 7% Низкий | больше 1 года назад | |
| SUSE-SU-2024:1403-1 Security update for kubernetes1.24 | 7% Низкий | больше 1 года назад | |
 | ROS-20240522-03 Уязвимость kubernetes | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
| GHSA-pxhw-596r-rwq5 Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin | CVSS3: 2.7 | 7% Низкий | больше 1 года назад |
| SUSE-SU-2025:02423-2 Security update for kubernetes1.23 | 4 месяца назад | ||
| SUSE-SU-2024:3343-1 Security update for kubernetes1.24 | около 1 года назад | ||
| SUSE-SU-2024:3341-1 Security update for kubernetes1.23 | около 1 года назад |
Уязвимостей на страницу