27 matches found
GO-2024-3277 Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes...
Race Condition
k8s.io/kubernetes is vulnerable to Race Condition. The vulnerability is caused due to Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this...
GO-2022-0983 ANSI escape characters not filtered in kubectl in k8s.io/kubernetes
ANSI escape characters not filtered in kubectl in k8s.io/kubernetes...
GO-2022-0890 Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes
Server Side Request Forgery SSRF in Kubernetes in k8s.io/kubernetes...
GO-2022-0907 Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes...
GO-2022-0885 Improper Authentication in Kubernetes in k8s.io/kubernetes
Improper Authentication in Kubernetes in k8s.io/kubernetes...
GO-2022-0886 Kubernetes Arbitrary Command Injection in k8s.io/kubernetes
Kubernetes Arbitrary Command Injection in k8s.io/kubernetes...
GO-2022-0802 Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes
Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes...
GO-2022-0782 Symlink Attack in kubectl cp in k8s.io/kubernetes
Symlink Attack in kubectl cp in k8s.io/kubernetes...
GO-2022-0703 XML Entity Expansion and Improper Input Validation in Kubernetes API server in k8s.io/kubernetes
XML Entity Expansion and Improper Input Validation in Kubernetes API server in k8s.io/kubernetes...
GO-2023-2341 Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes...
GO-2023-2170 Insufficient input sanitization on Windows nodes leads to privilege escalation in k8s.io/kubernetes and k8s.io/mount-utils
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes...
GO-2023-2330 Insufficient input sanitization on Windows nodes leads to privilege escalation in k8s.io/kubernetes
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes...
GO-2023-2159 Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes...
GO-2023-1959 Kubernetes arbitrary file overwrite in k8s.io/kubernetes
Kubernetes arbitrary file overwrite in k8s.io/kubernetes...
GO-2023-1946 Kubernetes DoS Vulnerability in k8s.io/kubernetes
Kubernetes DoS Vulnerability in k8s.io/kubernetes...
GO-2023-1891 Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes
Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes...
GO-2023-1864 Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes...
GO-2023-1629 Kubernetes vulnerable to validation bypass in k8s.io/kubernetes
Kubernetes vulnerable to validation bypass in k8s.io/kubernetes...
GO-2023-1628 Kubernetes vulnerable to path traversal in k8s.io/kubernetes
Kubernetes vulnerable to path traversal in k8s.io/kubernetes...