137 matches found
GO-2024-3128 OpenShift Controller Manager Improper Privilege Management in github.com/openshift/openshift-controller-manager
OpenShift Controller Manager Improper Privilege Management in github.com/openshift/openshift-controller-manager. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...
PT-2024-15825 · Unknown +1 · Kube-Controller-Manager +1
Name of the Vulnerable Software and Affected Versions: kube-controller-manager affected versions not specified Description: A flaw was found in kube-controller-manager, causing a denial of service due to KCM pods going into restart churn when the initial application of a HPA config YAML lacks a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.53 packages and security update
Red Hat OpenShift Container Platform release 4.12.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
kube-controller-manager: malformed HPA v1 manifest causes crash
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
SUSE CVE-2024-0793
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
kube-controller-manager Input Validation Error Vulnerability
kube-controller-manager is a kube-controller-manager component configuration API for Kubernetes open source. A security vulnerability exists in kube-controller-manager. An attacker exploited the vulnerability to cause a denial of service on the system...
Oracle Linux 7 : grafana / kubernetes-cni / kubernetes-cni-plugins / kubernetes / kubernetes / olcne (ELSA-2020-5726)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5726 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubernetes-cni-plugins / kubernetes-cni / kubernetes / olcne (ELSA-2020-5727)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5727 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5725)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5725 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
CVE-2023-22645 kubewarden: Excessive permissions for kubewarden-controller-manager-cluster-role
An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0...
OpenFeature Operator 安全漏洞
OpenFeature Operator is OpenFeature's tool for exposing feature flags to applications. A security vulnerability exists in OpenFeature Operator versions prior to 0.2.32, which stems from a loose privilege configured on open-feature-operator-controller-manager that can be used to escalate the...
OpenFeature Operator vulnerable to Cluster-level Privilege Escalation
Impact On a node controlled by an attacker or malicious user, the lax permissions configured on open-feature-operator-controller-manager can be used to further escalate the privileges of any service account in the cluster. The increased privileges could be used to modify cluster state, leading to...
PT-2023-22090 · Unknown · Openfeature Operator
Name of the Vulnerable Software and Affected Versions: OpenFeature Operator versions prior to 0.2.32 Description: The issue allows an attacker to escalate the privileges of any service account in the cluster, assuming the pre-existence of a vulnerability that enables arbitrary code execution. Thi...
SUSE CVE-2020-8555
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...
SUSE CVE-2020-8566
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects v1.19.3, v1.18.10, v1.17.13...
Server Side Request Forgery (SSRF) in Kubernetes
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...
kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4
A flaw was found in kubernetes. If the logging level is to at least 4, and Ceph RBD is configured as a storage provisioner, then Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...
kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
A flaw was found in kubernetes. Clusters running on VSphere, using VSphere as a cloud provider a with logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log...
Secret leaks in logs for vSphere Provider kube-controller-manager
...
DEBIAN-CVE-2020-8566
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects v1.19.3, v1.18.10, v1.17.13...