5 matches found
capsule-proxy Authorization Issues Vulnerability
capsule-proxy is allowed to overcome the limitations of the Kubernetes API Server in listing the cluster-wide resources it owns, such as Namespace, Ingress and Storage Classes, Nodes, and other resources covered by Capsule. An authorization issue vulnerability exists in capsule-proxy version 0.4....
capsule-proxy Information Disclosure Vulnerability
The capsule-proxy is allowed to overcome the Kubernetes API Server's limitations in listing owned cluster-wide resources such as Namespace, Ingress and Storage Classes, Nodes, and other resources covered by the Capsule. An information disclosure vulnerability exists in capsule-proxy. An attacker...
kubernetes: Server side request forgery (SSRF) in kube-controller-manager allows users to leak secret information
A server side request forgery SSRF flaw was found in Kubernetes. The kube-controller-manager allows authorized users with the ability to create StorageClasses or certain Volume types to leak up to 500 bytes of arbitrary information from the master's host network. This can include secrets from the...
kubernetes: Server side request forgery (SSRF) in kube-controller-manager allows users to leak secret information
A server side request forgery SSRF flaw was found in Kubernetes. The kube-controller-manager allows authorized users with the ability to create StorageClasses or certain Volume types to leak up to 500 bytes of arbitrary information from the master's host network. This can include secrets from the...
kubernetes: Server side request forgery (SSRF) in kube-controller-manager allows users to leak secret information
A server side request forgery SSRF flaw was found in Kubernetes. The kube-controller-manager allows authorized users with the ability to create StorageClasses or certain Volume types to leak up to 500 bytes of arbitrary information from the master's host network. This can include secrets from the...