61 matches found
EUVD-2024-3260
Malicious code in bioql PyPI...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to improper Input Validation due to kube-controller-manager (CVE-2024-0793)
Summary Potential vulnerabilities in kube module CVE-2024-0793 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-0793 DESCRIPTION: A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lackin...
Denial Of Service (DoS)
Kube-controller-manager is vulnerable to denial of service. The vulnerability is due to a missing .spec.behavior.scaleUp block in the HPA YAML file, causing kube-controller-manager pods to enter a restart loop and disrupt service availability. It allows an attacker to trigger a DoS by deploying t...
CVE-2024-0793
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
CVE-2024-0793 Kube-controller-manager: malformed hpa v1 manifest causes crash
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
CVE-2024-0793 Kube-controller-manager: malformed hpa v1 manifest causes crash
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
CVE-2024-0793 Kube-controller-manager: malformed hpa v1 manifest causes crash
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
PT-2024-15825 · Unknown +1 · Kube-Controller-Manager +1
Name of the Vulnerable Software and Affected Versions: kube-controller-manager affected versions not specified Description: A flaw was found in kube-controller-manager, causing a denial of service due to KCM pods going into restart churn when the initial application of a HPA config YAML lacks a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.53 packages and security update
Red Hat OpenShift Container Platform release 4.12.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
SUSE CVE-2024-0793
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn...
kube-controller-manager Input Validation Error Vulnerability
kube-controller-manager is a kube-controller-manager component configuration API for Kubernetes open source. A security vulnerability exists in kube-controller-manager. An attacker exploited the vulnerability to cause a denial of service on the system...
Oracle Linux 7 : kubernetes-cni-plugins / kubernetes-cni / kubernetes / olcne (ELSA-2020-5727)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5727 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : grafana / kubernetes-cni / kubernetes-cni-plugins / kubernetes / kubernetes / olcne (ELSA-2020-5726)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5726 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5725)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5725 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
SUSE CVE-2020-8566
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects v1.19.3, v1.18.10, v1.17.13...
Server Side Request Forgery (SSRF) in Kubernetes
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...
kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4
A flaw was found in kubernetes. If the logging level is to at least 4, and Ceph RBD is configured as a storage provisioner, then Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...
Secret leaks in logs for vSphere Provider kube-controller-manager
...
Inclusion of Sensitive Information in Log Files
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...
Secret leaks in kube-controller-manager when using vSphere provider
CVSS Rating: 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Medium In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. Am I vulnerable? If you are using VSphere as a clo...