17 matches found
EUVD-2025-18894
Malicious code in bioql PyPI...
GO-2023-1763 On a compromised node, the fluid-csi service account can be used to modify node specs in github.com/fluid-cloudnative/fluid
On a compromised node, the fluid-csi service account can be used to modify node specs in github.com/fluid-cloudnative/fluid...
GHSA-93XX-CVMC-9W3V On a compromised node, the fluid-csi service account can be used to modify node specs
Impact If a malicious user gains control of a Kubernetes node running fluid csi pod controlled by the csi-nodeplugin-fluid node-daemonset, he/she can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks "list node"...
CVE-2023-30840 On a compromised node, the fluid-csi service account can be used to modify node specs
Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running fluid csi pod controlled by the csi-nodeplugin-fluid...
Fluid security vulnerability
Fluid is an open source Kubernetes native distributed dataset orchestrator and accelerator from the Cloud Native Computing Foundation for data-intensive applications such as Big Data and AI applications. A security vulnerability exists in Fluid versions 0.7.0 through 0.8.6, which stems from the...
Privilege Escalation
github.com/kubevirt/kubevirt is vulnerable to Privilege Escalation. A remote attacker is able to compromise a specific node and wait until system-critical components with high privileges appear on its node. A compromised node can be used to elevate privileges beyond the node, potentially having...
On a compromised node, the virt-handler service account can be used to modify all node specs
Impact If a malicious user has taken over a Kubernetes node where virt-handler, the KubeVirt node-daemon, is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can for instance read all secrets on t...
GHSA-CP96-JPMQ-XRR2 On a compromised node, the virt-handler service account can be used to modify all node specs
Impact If a malicious user has taken over a Kubernetes node where virt-handler, the KubeVirt node-daemon, is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can for instance read all secrets on t...
CVE-2023-26484 On a compromised KubeVirt node, the virt-handler service account can be used to modify all node specs
KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler, the KubeVirt node-daemon, is running, the virt-handler service account can be used to modify all node specs. This can be misused to...
KubeVirt security vulnerability
Kubevirt is a virtual machine manager. A security vulnerability exists in KubeVirt 0.59.0 and later, which stems from the ability to modify all node specifications using the virt-handler service account if a malicious user takes over a Kubernetes node running virt-handler...
kubernetes: compromised node could escalate to cluster level privileges
A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other...
RHEL 7 / 8 : OpenShift Container Platform 4.4.32 (RHSA-2021:0030)
The remote Red Hat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0030 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
kubernetes: compromised node could escalate to cluster level privileges
A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.5.21 bug fix and security update
Red Hat OpenShift Container Platform release 4.5.21 is now available with updates to packages and images that fix several bugs. This release includes a security update for openshift-enterprise-hyperkube for Red Hat OpenShift Container Platform 4.5.21. Red Hat Product Security has rated this updat...
kubernetes: compromised node could escalate to cluster level privileges
A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other...
Malicious Package in reuest
All versions of reuest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process wa...
kubernetes security update
1.12.10-1.0.13 - CVE-2020-8559: Privilege escalation from compromised node to cluster - CVE-2020-8557: Node disk DOS by writing to container /etc/hosts...