27 matches found
AZL-70586 CVE-2025-52881 affecting package kubernetes for versions less than 1.30.10-18
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
EUVD-2022-1238
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-1002105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o security vulnerability (CVE-2024-9676)
Summary: Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in the cri-o component which a remote authenticated attacker could exploit to cause a denial of service condition (CVE-2024-9676). Vulnerability Details: CVEID: CVE-2024-9676. Description: Podman, Buildah and CRI-O a...
GO-2025-3566 ingress-nginx controller - configuration injection via unsanitized auth-url annotation in k8s.io/ingress-nginx
ingress-nginx controller - configuration injection via unsanitized auth-url annotation in k8s.io/ingress-nginx. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...
CVE-2025-27144 affecting package kubernetes for versions less than 1.30.10-3
CVE-2025-27144 affecting package kubernetes for versions less than 1.30.10-3. A patched version of the package is available...
CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15
CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2017-1002102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI...
Linux Distros Unpatched Vulnerability : CVE-2017-1002101
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type...
AZL-57428 CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
DEBIAN-CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
AZL-52204 CVE-2024-51744 affecting package kubernetes for versions less than 1.30.10-5
golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a runc security vulnerability (CVE-2024-21626)
Summary: Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in the runc component where an attacker could gain unauthorized access to the host filesystem (CVE-2024-21626). Vulnerability Details: CVEID: CVE-2024-21626. Description: Open Container Initiative runc could allow a...
PT-2023-6920 · Unknown +2 · Kubernetes +2
Name of the Vulnerable Software and Affected Versions: Kubernetes versions prior to 1.28.4; Kubernetes versions prior to 1.27.8; Kubernetes versions prior to 1.26.11; Kubernetes versions prior to 1.25.16. Description: A security issue was discovered in Kubernetes where a user that can create pods and...
AZL-31693 CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
CVE-2023-39347
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...
SUSE CVE-2017-1000056
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object...
SUSE CVE-2018-1002101
In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection...
SUSE CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir defaulting to $HOME/.kube/http-cache, written with world-writeable permissions rw-rw-rw-. If --cache-dir is specified and pointed at a different location accessible to other users/groups, the...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2021-25737)
Summary: IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that could allow a user to redirect pod traffic to private networks on a node (CVE-2021-25737). Vulnerability Details: CVEID: CVE-2021-25737. Description: Kubernetes could allow a remote...