66 matches found
EUVD-2019-13726
Malware in sbrugna...
EUVD-2018-2081
Malware in sbrugna...
EUVD-2021-2608
Malware in sbrugna...
EUVD-2023-2961
Malicious code in bioql PyPI...
EUVD-2022-1260
Malicious code in bioql PyPI...
EUVD-2022-0898
Malicious code in bioql PyPI...
Webhook redirect in kube-apiserver
...
OPENSUSE-SU-2025:15235-1 kubernetes1.31-apiserver-1.31.10-1.1 on GA media
These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2022-23652
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...
GitLab CE/EE Security Vulnerabilities
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE, which stems from the fact that an...
BIT-CILIUM-OPERATOR-2023-39347 Cilium NetworkPolicy bypass via pod labels
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2024-3177)
Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that may allow mountable secret policy enforcement to be bypassed during pod admission CVE-2024-3177. Vulnerability Details CVEID: CVE-2024-3177 Description: Kubernetes kube-apiserver could...
Security Bulletin: Netcool Operations Insights 1.6.12 addresses multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.12 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of...
Privilege escalation
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
capsule-proxy Authorization Issues Vulnerability
capsule-proxy is allowed to overcome the limitations of the Kubernetes API Server in listing the cluster-wide resources it owns, such as Namespace, Ingress and Storage Classes, Nodes, and other resources covered by Capsule. An authorization issue vulnerability exists in capsule-proxy version 0.4....
YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML (CVE-2019-11254)
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...
DEBIAN-CVE-2022-3172
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties...
AZL-34898 CVE-2023-5408 affecting package kubernetes for versions less than 1.29.1-2
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the clust...
Design/Logic Flaw
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...
CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...