5 matches found
EUVD-2023-1244
Malicious code in bioql PyPI...
Privilege Escalation
Kubernetes is vulnerable to Privilege Escalation. The vulnerability is due to improper access control because node users can patch their node object with an OwnerReference to a cluster-scoped resource, leading to unintended node deletion via garbage collection...
CVE-2023-30512
CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...
Linux Distros Unpatched Vulnerability : CVE-2017-1000056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any...
PT-2023-7482 · Cubefs · Cubefs
Name of the Vulnerable Software and Affected Versions: CubeFS versions 3.2.1 and earlier Description: The issue is related to incorrect permission assignment for a critical resource in CubeFS, a cloud data storage system. This can allow a remote attacker to gain unauthorized access to the device...