18 matches found
TencentOS Server 4: kubernetes (TSSA-2024:0872)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0872 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Fedora 37 : kubernetes (2022-8647729ff8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-8647729ff8 advisory. Resolves, in part, 2142161. Security patches that resolve CVE-2022-3162 and CVE-2022-3294. Tenable has extracted the preceding description block...
SUSE: Security Advisory (SUSE-SU-2023:2292-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2292-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2292-1 advisory. - add kubernetes1.18-client-common as conflicts with kubernetes-client-bash-completion - Split individual completions into separate...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes (CVE-2022-3162, CVE-2022-3294)
Summary Multiple vulnerabilities in Kubernetes used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-3162 DESCRIPTION: Kubernetes kube-apiserver could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization. An...
CVE-2022-3294
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294 Node address isn't always verified when proxying
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294
CVE-2022-3294 affects Kubernetes kube-apiserver by bypassing proxy address validation for Node objects, potentially allowing an authenticated, low-privilege attacker to route requests through the API server to the private cluster network. The impact is the exposure of access to Node endpoints and...
CVE-2022-3294 Node address isn't always verified when proxying
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
CVE-2022-3294
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...
Fedora 35 : kubernetes (2022-2004702d98)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-2004702d98 advisory. Resolves, in part, 2142161. Security patches that resolve CVE-2022-3162 and CVE-2022-3294. Tenable has extracted the preceding description block...
kubernetes security update
kubernetes 1.21.14-3 - Addresses CVE-2022-3294 & CVE-2022-3162 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.9-2 - Fix 1.21 kubernetes version to align with last upstream release 1.4.9-1 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21...
kubernetes security update
kubernetes 1.22.16-1 - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes 1.23.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.8-4 - Fix 1.21 kubernetes versi...
kubernetes security update
kubernetes 1.21.14-3 - Addresses CVE-2022-3294 & CVE-2022-3162 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.9-2 - Fix 1.21 kubernetes version to align with last upstream release 1.4.9-1 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21...
Oracle Linux 7 : kubernetes (ELSA-2022-10033)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10033 advisory. - Addresses CVE-2022-3294 & CVE-2022-3162 - Addresses CVE-2022-3172 olcne - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21 - Resolv...
Oracle Linux 8 : kubernetes (ELSA-2022-10036)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10036 advisory. - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.24 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.23 - Resolve...
Oracle Linux 7 : kubernetes (ELSA-2022-10035)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10035 advisory. - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.24 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.23 - Resolve...