Lucene search
K

14 matches found

UbuntuCve
UbuntuCve
added 2025/12/14 10:15 p.m.6 views

CVE-2025-13281

A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...

5.8CVSS7.2AI score0.00355EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/05 3:15 a.m.5 views

CVE-2025-7445

Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...

6.5CVSS5.8AI score0.00179EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/08/27 5:15 p.m.3 views

CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

6.7CVSS6.8AI score0.00434EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/06/23 12:0 a.m.4 views

CVE-2025-4563

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...

2.7CVSS6.8AI score0.0065EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/03/20 5:15 p.m.5 views

CVE-2024-7598

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies ...

3.1CVSS6.4AI score0.00301EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/13 5:15 p.m.4 views

CVE-2024-9042

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below...

5.9CVSS6.6AI score0.01394EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/03/13 5:15 p.m.10 views

CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

6.5CVSS6.3AI score0.00516EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/02/13 4:16 p.m.6 views

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

6.2CVSS6.8AI score0.00349EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/11/22 5:15 p.m.12 views

CVE-2024-10220

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...

8.1CVSS7.1AI score0.03001EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/10/15 9:15 p.m.14 views

CVE-2024-9594

A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...

8.1CVSS7.1AI score0.01641EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/10/15 9:15 p.m.9 views

CVE-2024-9486

A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...

9.8CVSS7.3AI score0.02223EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/11/03 6:15 p.m.31 views

CVE-2023-3893

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy...

8.8CVSS7.3AI score0.02864EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/10/31 9:15 p.m.21 views

CVE-2023-3676

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes...

8.8CVSS7AI score0.11668EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/12/27 10:15 p.m.114 views

CVE-2022-3064

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS6.7AI score0.017EPSS
Exploits0References5
Rows per page
Query Builder