42 matches found
Virtuozzo Hybrid Infrastructure 5.4 (5.4.0-133)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover compute services, management node high availability, monitoring and alerts, and the user interface. Additionally, this release delivers stability improvements and addresses issues found in previous...
Improper Authentication in Kubernetes
A security issue was discovered in the Kubelet and kube-proxy components of Kubernetes which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. For example, if a cluster administrator runs a TCP service on a node that...
GHSA-WQV3-8CM6-H6WG Improper Authentication in Kubernetes
A security issue was discovered in the Kubelet and kube-proxy components of Kubernetes which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. For example, if a cluster administrator runs a TCP service on a node that...
Improper Authentication
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
Improper Authentication in Kubernetes
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update
The components for Red Hat OpenShift Container Platform for Windows Containers 3.0.0 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
Moderate: Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 2.0.1 security and bug fix update
The components for Windows Container Support for Red Hat OpenShift 2.0.1 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2021-25736
A flaw was found in the Windows kube-proxy component. In a cloud environment that does not set the “.status.loadBalancer.ingress.ip” field in the LoadBalancer service status configuration for example in AWS the packets can be misrouted and reach an unintended destination...
Kubernetes SIGs kube-proxy 安全漏洞
Kubernetes SIGs kube-proxy is an open source application for Kubernetes SIGs. A web proxy. A security vulnerability exists in Kubernetes SIGs kube-proxy, which stems from the possibility that packets sent by the program may be incorrectly routed and arrive elsewhere...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet and kube-proxy security vulnerability (CVE-2020-8558)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes kubelet and kube-proxy that could allow neighboring nodes to bypass localhost boundary CVE-2020-8558 Vulnerability Details CVEID: CVE-2020-8558 Description: Kubernetes kube-proxy could allow a remote...
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
DEBIAN-CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
Design/Logic Flaw
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
UBUNTU-CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
CVE-2020-8558
CVE-2020-8558 affects Kubernetes Kubelet and kube-proxy components (versions 1.1.0–1.16.10, 1.17.0–1.17.6, 1.18.0–1.18.3). The issue allows adjacent hosts on the same LAN (or containers on the same node) to reach TCP/UDP services bound to 127.0.0.1 on the node or in the node namespace. The IBM co...
Improper Authentication
The Kubelet and kube-proxy components were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet and kube-proxy security vulnerability (CVE-2020-8558)
Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes kubelet and kube-proxy that could allow neighboring nodes to bypass localhost boundary CVE-2020-8558 Vulnerability Details CVEID: CVE-2020-8558 Description: Kubernetes kube-proxy could allow a remote...