Количество 10
Количество 10
ELSA-2021-9029
ELSA-2021-9029: olcne security update (IMPORTANT)
ELSA-2021-9028
ELSA-2021-9028: olcne security update (IMPORTANT)
CVE-2020-28914
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
CVE-2020-8554
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to ...
GHSA-6w62-mvw6-xggx
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.
GHSA-j9wf-vvm6-4r9w
Unverified Ownership in Kubernetes
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2021-9029 ELSA-2021-9029: olcne security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-9028 ELSA-2021-9028: olcne security update (IMPORTANT) | больше 4 лет назад | ||
 | CVE-2020-28914 An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only. | CVSS3: 7.1 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-8554 Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. | CVSS3: 6.3 | 30% Средний | больше 4 лет назад |
 | CVE-2020-8554 Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. | CVSS3: 6.3 | 30% Средний | больше 4 лет назад |
| CVE-2020-8554 Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. | CVSS3: 6.3 | 30% Средний | больше 4 лет назад |
 | CVSS3: 5 | 30% Средний | больше 1 года назад | |
| CVE-2020-8554 Kubernetes API server in all versions allow an attacker who is able to ... | CVSS3: 6.3 | 30% Средний | больше 4 лет назад |
| GHSA-6w62-mvw6-xggx An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only. | 0% Низкий | около 3 лет назад | |
| GHSA-j9wf-vvm6-4r9w Unverified Ownership in Kubernetes | CVSS3: 5 | 30% Средний | больше 3 лет назад |
Уязвимостей на страницу