22 matches found
TencentOS Server 4: kubernetes (TSSA-2024:1093)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1093 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes kubelet (CVE-2024-10220)
Summary A vulnerability in Kubernetes kubelet that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-10220 DESCRIPTION: Kubernetes kubelet could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper...
Photon OS 5.0: Kubernetes PHSA-2025-5.0-0487
An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0487. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2024-10220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29...
Azure Linux 3.0 Security Update: kubernetes (CVE-2024-10220)
The version of kubernetes installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...
CBL Mariner 2.0 Security Update: kubernetes (CVE-2024-10220)
The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...
CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14
CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14. A patched version of the package is available...
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1. An upgraded version of the package is available that resolves this issue...
OESA-2024-2532 kubernetes security update
Container cluster management. Security Fixes: A vulnerability, which was classified as problematic, was found in Kubernetes up to 1.28.11/1.29.6/1.30.2 Virtualization Software. Affected is an unknown code block of the component gitRepo Volume Handler. Upgrading to version 1.28.12, 1.29.7, 1.30.3 ...
govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media (moderate)
govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media Announcement ID: openSUSE-SU-2024:14567-1 Rating: moderate Cross-References: CVE-2024-10220 CVE-2024-36620 CVE-2024-36621 CVE-2024-36623 CVE-2024-37820 CVE-2024-43784 CVE-2024-45719 CVE-2024-50948 CVE-2024-52003 CVE-2024-52529 CVE-2024-52801...
Mageia: Security Advisory (MGASA-2024-0389)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kubernetes packages fix security vulnerabilities
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...
CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
CVE-2024-10220 vulnerabilities
Vulnerabilities for packages: k8s-device-plugin, nodetaint, argocd-image-updater, ip-masq-agent, local-static-provisioner, aws-efs-csi-driver, kubeflow-pipelines, kubernetes-dns-node-cache...
CVE-2024-10220 vulnerabilities
Vulnerabilities for packages: k8s-device-plugin, rancher-webhook-fips, aws-efs-csi-driver-fips, local-static-provisioner, nodetaint, local-static-provisioner-fips, rancher-webhook, aws-efs-csi-driver, argocd-image-updater, kubernetes-dns-node-cache-fips, kubeflow-pipelines,...
CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
CVE-2024-10220 Arbitrary command execution through gitRepo volume
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
CVE-2024-10220
CVE-2024-10220 – Kubernetes kubelet command execution via gitRepo volumes . Affects kubelet up to version 1.28.11 and 1.29.0–1.29.6 and 1.30.0–1.30.2. The issue allows arbitrary command execution through specially crafted gitRepo volumes in kubelet. Root cause: path traversal in how gitRepo volum...
CVE-2024-10220 Arbitrary command execution through gitRepo volume
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...