15 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.27 security and extras update
Red Hat OpenShift Container Platform release 4.20.27 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.65 security and extras update
Red Hat OpenShift Container Platform release 4.15.65 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 security and extras update
Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...
Linux Distros Unpatched Vulnerability : CVE-2023-2431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but...
Authentication Bypass
github.com/k3s-io/k3s is vulnerable to unintended unauthenticated access. The vulnerability is due to a Kubernetes kubelet configuration change that, in some cases, sets ReadOnlyPort to 10255, allowing unauthenticated access and potential exposure of credentials...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes kubelet (CVE-2024-10220)
Summary: A vulnerability in Kubernetes kubelet that is used by InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2024-10220. DESCRIPTION: Kubernetes kubelet could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper...
The vulnerability of the kubelet utility, a management tool for clusters of virtual machines in Kubernetes, for Windows operating systems allows a hacker to execute arbitrary commands.
The vulnerability of the kubelet utility in the Kubernetes cluster management software for Windows operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the kubelet utility in the Kubernetes cluster management software allows a hacker to elevate their privileges to the level of an administrator.
The vulnerability of the kubelet utility in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to elevate their privileges to the level of an administrator...
The vulnerability of the kubelet utility in the Kubernetes cluster management software allows an attacker to configure certain modules to operate in an “abnormal mode”.
The vulnerability of the kubelet utility in the Kubernetes cluster management software is related to insufficient validation of the specified type of input data. Exploiting this vulnerability could allow an attacker to configure certain modules to operate in a “non-organic mode”...
Exploit for Improper Input Validation in Kubernetes
About: It's an exploit for the CVE-2021-25741 vulnerability. This vu...
DEBIAN-CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
UBUNTU-CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...
Privilege Escalation
An attacker is able to intercept certain requests to the Kubelet and send a redirect response that may be followed by a client using the credentials from the original request. This can lead to compromise of other nodes...
DEBIAN-CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
Google Kubernetes Resource Management Error Vulnerability (CNVD-2020-20713)
Google Kubernetes is an open source Docker container cluster management system from the U.S. company Google. The system provides resource scheduling, deployment and operation, service discovery and scaling up and down for containerized applications. A resource management error...