Lucene search
+L

277 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-8561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests...

4.1CVSS6AI score0.021EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.7 views

PT-2025-33645 · Undefined · Undefined

🚨 URGENT: Kubernetes admins must patch CVE-2025-02383 SUSE-2025-02383-2 ✅ Affects: kube-apiserver v1.26.x ✅ Risk: Moderate-severity RBAC bypass. ✅ Fix: Apply SUSE patches NOW + validate with kube-bench. Read more: 👉 https://t.co/VRCE9nkHn3 https://t.co/ukAF3LWe56...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.9 views

PT-2025-33265

Name of the Vulnerable Software and Affected Versions: kube-apiserver versions 1.31.11 and earlier kube-apiserver versions 1.32.7 and earlier kube-apiserver versions 1.33.3 and earlier Description: Compromised nodes can delete themselves and relabel via OwnerReferences. An attacker who has gained...

9.9CVSS6.3AI score0.10543EPSS
Exploits21References72
Snyk
Snyk
added 2025/07/09 3:33 p.m.5 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the toolsUploaderHandler function. An attacker can execute arbitrary code and compromise the integrity, confidentiality, and availability of the system by uploading malicious binaries through an authenticated...

8.8CVSS7.7AI score0.00569EPSS
Exploits1References2
Snyk
Snyk
added 2025/07/09 3:30 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the /log endpoint. An attacker can access sensitive debug log messages by authenticating with valid user credentials, even without proper authorization. Remediation Upgrade github.com/juju/juju/apiserver to...

7.1CVSS6.8AI score0.00315EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/07/05 12:0 a.m.5 views

kubernetes1.32-apiserver-1.32.6-1.1 on GA media (moderate)

kubernetes1.32-apiserver-1.32.6-1.1 on GA media Announcement ID: openSUSE-SU-2025:15236-1 Rating: moderate Cross-References: CVE-2025-22872 CVSS scores: CVE-2025-22872 SUSE : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L CVE-2025-22872 SUSE : 6.3...

6.5CVSS7.4AI score0.00513EPSS
Exploits0
OSV
OSV
added 2025/07/03 12:0 a.m.3 views

OPENSUSE-SU-2025:15236-1 kubernetes1.32-apiserver-1.32.6-1.1 on GA media

These are all security issues fixed in the kubernetes1.32-apiserver-1.32.6-1.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS6.7AI score0.00513EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 12:0 a.m.4 views

OPENSUSE-SU-2025:15234-1 kubernetes1.30-apiserver-1.30.14-1.1 on GA media

These are all security issues fixed in the kubernetes1.30-apiserver-1.30.14-1.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS6.7AI score0.00513EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/19 12:0 a.m.6 views

PT-2025-26210 · Unknown · Kubernetes

Name of the Vulnerable Software and Affected Versions: kube-apiserver versions 1.32.0 through 1.32.5 kube-apiserver versions 1.33.0 through 1.33.1 Description: The issue allows a compromised node to create mirror pods, accessing unauthorized dynamic resources, potentially leading to privilege...

2.7CVSS7.5AI score0.0065EPSS
Exploits0References34
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.8 views

CVE-2023-32187

An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port TCP 6443 cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s1, from v1.26.0...

7.5CVSS7.4AI score0.00605EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.10 views

CVE-2022-39383

KubeVela is an open source application delivery platform. Users using the VelaUX APIServer could be affected by this vulnerability. When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability. Users who're...

6.5CVSS6.8AI score0.00376EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/24 3:24 a.m.5 views

SUSE CVE-2025-32963

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS6.9AI score0.00573EPSS
Exploits0References3
OSV
OSV
added 2025/04/22 6:14 p.m.9 views

GO-2025-3637 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS in github.com/minio/operator

Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS in github.com/minio/operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

6.9CVSS6.3AI score0.00573EPSS
Exploits0References2
CVE
CVE
added 2025/04/22 5:14 p.m.78 views

CVE-2025-32963

MinIO Operator STS (Kubernetes IAM) flaw: before v7.1.0, the spec.audiences default could be the Kubernetes API server, allowing replay to internal systems. Root cause: unscoped audiences enable trust beyond intended scope. Impact: tokens could be replayed to other components; mitigated only by p...

6.9CVSS6.5AI score0.00573EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/22 5:14 p.m.10 views

CVE-2025-32963 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS7.1AI score0.00573EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/22 5:14 p.m.28 views

CVE-2025-32963 Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...

6.9CVSS0.00573EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:0 a.m.58 views

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

7.5CVSS7.4AI score0.99019EPSS
Exploits17Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2025/03/26 12:0 a.m.5 views

kubernetes1.29-apiserver-1.29.15-1.1 on GA media (moderate)

kubernetes1.29-apiserver-1.29.15-1.1 on GA media Announcement ID: openSUSE-SU-2025:14924-1 Rating: moderate Cross-References: CVE-2025-1767 CVSS scores: CVE-2025-1767 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2025-1767 SUSE : 8.5...

8.5CVSS7.4AI score0.00516EPSS
Exploits0
OSV
OSV
added 2025/03/25 7:38 p.m.19 views

GO-2025-3547 Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes

Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes...

3.1CVSS3.7AI score0.00301EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/20 6:30 p.m.14 views

Kubernetes kube-apiserver Vulnerable to Race Condition

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies ...

3.1CVSS7.2AI score0.00301EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder