Lucene search
K

27 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/14 2:58 p.m.10 views

Security Bulletin: IBM Cloud Kubernetes is affected by a Linux kernel security vulnerability (CVE-2026-31431)

Summary IBM Cloud Kubernetes Service is affected by a vulnerability in the Linux kernel that could allow a local attacker to escalate their privileges CVE-2026-31431. Vulnerability Details CVEID : CVE-2026-31431 Description : In the Linux kernel, the following vulnerability has been resolved:...

7.8CVSS6.6AI score0.96267EPSS
Exploits228Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/11 3:38 p.m.10 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerability (CVE-2026-3288)

Summary IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerability CVE-2026-3288. A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can...

8.8CVSS6.3AI score0.06669EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 11:41 a.m.12 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2025-5187)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that may allow node users to delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. CVE-2025-5187. Vulnerability Details CVEID:...

6.7CVSS6.6AI score0.00434EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/07 2:33 p.m.14 views

Security Bulletin: IBM Cloud Kubernetes Service on Ubuntu20 is affected by a FreeType Remote Code Execution security vulnerability (CVE-2025-27363)

Summary IBM Cloud Kubernetes Service is affected by a FreeType Remote Code Execution security vulnerability CVE-2025-27363 which is included in Ubuntu20 distributions, but not applicable to Ubuntu24 distributions. Vulnerability Details CVE-2025-27363 Description: An out of bounds write exists in...

8.1CVSS8.7AI score0.26049EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/28 8:41 p.m.12 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-40635)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability found in containerd where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root UID 0. This could cause...

7.8CVSS6.5AI score0.00275EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/03 4:57 p.m.37 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities (CVE-2025-24514, CVE-2025-1097, CVE-2025-1098)

Summary IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities where a user that can create or update Ingress objects can use the nginx.ingress.kubernetes.io/auth-url annotation CVE-2025-24514 or the nginx.ingress.kubernetes.io/auth-tls-match-cn...

8.8CVSS7.6AI score0.83066EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/21 5:16 p.m.43 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-21626)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability found in the runc component shipped with containerd where an attacker could gain unauthorized access to the host filesystem CVE-2024-21626. Vulnerability Details CVEID: CVE-2024-21626 Description: Open Container Initiati...

8.6CVSS8.9AI score0.18087EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/10 9:46 a.m.58 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities (CVE-2023-5043, CVE-2023-5044, CVE-2022-4886)

Summary IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities where a user that can create or update Ingress objects can use the nginx.ingress.kubernetes.io/configuration-snippet annotation CVE-2023-5043 or the...

8.8CVSS7.4AI score0.56568EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 1:57 p.m.27 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a kubelet security vulnerability (CVE-2023-2431)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the kubelet that allows pods to bypass the seccomp profile enforcement CVE-2023-2431 Vulnerability Details CVEID: CVE-2023-2431 Description: Kubernetes could allow a local authenticated attacker to bypass security...

5.5CVSS5.3AI score0.00257EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 1:54 p.m.46 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2023-2728)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that enables a user to bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers with the kubernetes.io/enforce-mountable-secrets...

6.5CVSS7.1AI score0.02157EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/12 12:41 p.m.31 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by two containerd security vulnerabilities (CVE-2023-28642) (CVE-2023-27561)

Summary IBM Cloud Kubernetes Service is affected by two security vulnerabilities found in containerd where 1 runc could allow a remote attacker to bypass security restrictions, caused by a symbolic link following vulnerability CVE-2023-28642 and 2 runc could allow a local authenticated attacker t...

7.8CVSS7.8AI score0.00448EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/14 2:50 p.m.60 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2021-41190)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability found in containerd that allows clients to misinterpret manifest and layer fields. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently...

5CVSS6AI score0.02085EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/07 1:56 p.m.25 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet security vulnerability (CVE-2021-25741)

Summary IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet security vulnerability that could allow host path like access without use of the hostPath feature, thus bypassing the restriction CVE-2021-25741. Vulnerability Details CVEID: CVE-2021-25741 Description: Kubernetes could allo...

8.8CVSS8.5AI score0.06505EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/11 3:44 p.m.36 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes security vulnerability (CVE-2020-8554)

Summary IBM Cloud Kubernetes Service is affected by a Kubernetes security vulnerability that could allow a malicious user to intercept traffic from other pods or nodes in the cluster CVE-2020-8554 Vulnerability Details CVEID: CVE-2020-8554 Description: Kubernetes could allow a remote authenticate...

6.3CVSS0.2AI score0.09274EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/07 10:2 a.m.28 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2021-25735)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that could allow node updates to bypass a validating admission webhook CVE-2021-25735 Vulnerability Details CVEID: CVE-2021-25735 Description: Kubernetes kube-apiserver could allow a remote...

6.5CVSS0.1AI score0.05524EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/22 5:36 p.m.31 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes kubelet that could result in the denial of service of a node CVE-2020-8557 Vulnerability Details CVEID: CVE-2020-8557 Description: Kubernetes kubelet is vulnerable to a denial of service, caused by an...

5.5CVSS6.2AI score0.00501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/22 5:36 p.m.37 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2020-8559)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that could enable a privilege escalation from a compromised node CVE-2020-8559 Vulnerability Details CVEID: CVE-2020-8559 Description: Kubernetes kube-apiserver could allow a remote...

6.8CVSS0.1AI score0.061EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/30 3:31 p.m.34 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes API server security vulnerabilities (CVE-2019-11254, CVE-2020-8552)

Summary IBM Cloud Kubernetes Service is affected by security vulnerabilities in the Kubernetes API server that exposes it to denial of service attacks CVE-2019-11254 and CVE-2020-8552 Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused ...

6.5CVSS0.1AI score0.02428EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/25 4:46 p.m.37 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2019-11253)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that exposes it to a denial of service attack via malicious YAML or JSON payloads CVE-2019-11253 Vulnerability Details CVE-ID: CVE-2019-11253 Description: The Kubernetes API server is...

7.5CVSS0.25939EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 4:45 p.m.42 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Python security vulnerability (CVE-2019-10160)

Summary IBM Cloud Kubernetes Service is vulnerable to CVE-2019-10160 Python security vulnerability which could allow a remote attacker to obtain sensitive information, caused by improper unicode encoding handling. Vulnerability Details CVE-ID: CVE-2019-10160 Description: Python...

9.8CVSS0.1AI score0.05227EPSS
Exploits0Affected Software1
Rows per page
Query Builder