Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2024/06/04 12:36 p.m.4 views

SUSE CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field...

6.5CVSS6.4AI score0.02157EPSS
Exploits1References10
OSV
OSV
added 2024/05/17 11:7 a.m.2 views

OESA-2024-1580 kubernetes security update

Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with t...

2.7CVSS6.7AI score0.02224EPSS
Exploits1References2
OSV
OSV
added 2024/05/17 11:7 a.m.2 views

OESA-2024-1577 kubernetes security update

Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with t...

2.7CVSS6.7AI score0.02224EPSS
Exploits1References2
OSV
OSV
added 2024/04/22 11:15 p.m.2 views

DEBIAN-CVE-2024-3177

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...

2.7CVSS6.1AI score0.02224EPSS
Exploits1References1
OSV
OSV
added 2024/04/22 11:15 p.m.4 views

UBUNTU-CVE-2024-3177

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...

2.7CVSS6.9AI score0.02224EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.7 views

PT-2024-3763

Name of the Vulnerable Software and Affected Versions Kubernetes affected versions not specified Description A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when usi...

7.7CVSS8AI score0.99999EPSS
Exploits21References91
RedHat Linux
RedHat Linux
added 2023/10/31 2:23 p.m.6 views

kube-apiserver: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...

6.5CVSS6.8AI score0.02157EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/10/31 2:6 p.m.5 views

kube-apiserver: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...

6.5CVSS6.8AI score0.02157EPSS
Exploits1References5
Veracode
Veracode
added 2023/07/06 10:13 a.m.27 views

Policy Bypass

github.com/kubernetes/kubernetes is vulnerable to Policy Bypass. The vulnerability exists in serviceaccount/admission.go, when ephemeral containers are used, which allows malicious users to start containers using restricted images, impacting the cluster if the ServiceAccount admission plugin is...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References13Affected Software2
OSV
OSV
added 2023/07/03 9:15 p.m.1 views

DEBIAN-CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.4AI score0.02157EPSS
Exploits1References1
OSV
OSV
added 2023/07/03 9:15 p.m.2 views

UBUNTU-CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.6AI score0.02157EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/06/19 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2023:2542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02157EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.7 views

PT-2023-21049 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue allows users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. This policy ensures...

7.7CVSS6.5AI score0.99999EPSS
Exploits21References144
Rows per page
Query Builder