Lucene search
K

166 matches found

RedHat Linux
RedHat Linux
added 2023/05/04 1:50 a.m.34 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.9 security and bug fix update

The Migration Toolkit for Containers MTC 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS6.7AI score0.01231EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/26 12:0 a.m.22 views

Bare Metal Operator 信息泄露漏洞

Bare Metal Operator is an open source application from Metal³ that uses the Kubernetes API to manage bare metal hosts. An information disclosure vulnerability exists in Bare Metal Operator versions prior to 0.3.0, which stems from the presence of plaintext username and hashed password disclosure...

6CVSS5.8AI score0.00191EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/03/02 4:2 a.m.4 views

SUSE CVE-2022-3294

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

6.6CVSS8.1AI score0.01618EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.5 views

SUSE CVE-2018-1002102

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificat...

2.6CVSS4.3AI score0.00618EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.4 views

SUSE CVE-2018-1002105

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary reques...

9.8CVSS9.2AI score0.86978EPSS
Exploits10References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.2 views

SUSE CVE-2019-11254

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...

4.3CVSS8.4AI score0.0236EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.4 views

SUSE CVE-2020-8554

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS6.6AI score0.09274EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.3 views

SUSE CVE-2022-1708

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

6.8CVSS6.7AI score0.02827EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2023/01/17 7:29 p.m.5 views

kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)

A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties...

8.2CVSS7.3AI score0.02464EPSS
Exploits1References5
Virtuozzo
Virtuozzo
added 2022/12/13 12:0 a.m.27 views

Virtuozzo Hybrid Infrastructure 5.3 Update 1 (5.3.1-38)

This update provides new features for security, monitoring, and the compute service, as well as bug fixes and improvements. Vulnerability id: VSTOR-60452 It is impossible to start a cluster update after an eligibility check failure. Vulnerability id: VSTOR-60459 A stability fix for Windows...

1.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/08 9:43 a.m.5 views

cri-o: memory exhaustion on the node when access to the kube api

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

7.8CVSS6.6AI score0.02827EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:27 a.m.4 views

cri-o: memory exhaustion on the node when access to the kube api

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

7.8CVSS6.6AI score0.02827EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/11/02 12:27 p.m.7 views

kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)

A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties...

8.2CVSS7.3AI score0.02464EPSS
Exploits1References5
Veracode
Veracode
added 2022/09/27 4:10 p.m.35 views

Information Disclosure

Rancher is vulnerable to information disclosure. Confidential information such as passwords and API keys are stored in kubernetes objects using plaintext which allows an attacker with read permission to retrieve plaintext passwords using the Kubernetes API...

9.9CVSS8.3AI score0.03105EPSS
Exploits3References5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/16 9:57 a.m.65 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a CRI-O security vulnerability (CVE-2022-1708)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kubernetes API. Vulnerability Details CVEID: CVE-2022-1708 Description: A vulnerability was found in CRI-O that causes memo...

7.8CVSS8AI score0.02827EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.5 views

PT-2022-20897 · Kubernetes +1 · Kube-Apiserver +2

Name of the Vulnerable Software and Affected Versions: kube-apiserver affected versions not specified Description: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected...

8.8CVSS6.5AI score0.02464EPSS
Exploits1References24
NVD
NVD
added 2022/09/07 9:15 a.m.41 views

CVE-2021-36782

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versio...

9.9CVSS0.03105EPSS
Exploits3References2
Prion
Prion
added 2022/09/07 9:15 a.m.27 views

Information disclosure

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versio...

6.5CVSS8.9AI score0.03105EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2022/09/07 8:20 a.m.1142 views

CVE-2021-36782

CVE-2021-36782 concerns SUSE Rancher where sensitive fields, such as passwords, API keys and service account tokens, were stored in plaintext on Kubernetes objects (e.g., cluster.management.cattle.io) and exposed to authenticated users with cluster/project roles via the Kubernetes API. Affected R...

9.9CVSS9.1AI score0.03105EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2022/09/07 8:20 a.m.38 views

CVE-2021-36782 Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versio...

9.9CVSS9.4AI score0.03105EPSS
Exploits3References2
Rows per page
Query Builder