Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. An attacker with create pod permission could access local git repositories belonging to other pods on the same node by exploiting this vulnerability. Notes: 1 This is only exploitable if the cluster still uses...

OpenShift: pod log location must validate container if provided

It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would normally not have access to...