17 matches found
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: kubernetes1.35: kubernetes1.35-1.35.6-1.hum1 aarch64, x8664 kubernetes1.35-client-1.35.6-1.hum1 aarch64, x8664 kubernetes1.35-kubeadm-1.35.6-1.hum1 aarch64, x8664...
Incorrect Permission Assignment for Critical Resource
Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to the virt-api component failing to validate the CN field in client TLS certificates against allowed values in the extension-apiserver-authentication configmap. An attacker can...
EUVD-2022-6496
Malicious code in bioql PyPI...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller. An attacker can cause unauthorized deletion of node objects by patching them with an OwnerReference to a cluster-scoped resource, resulting in the node being deleted...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
CVE-2023-22651
Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...
CVE-2025-0426 affecting package kubernetes for versions less than 1.30.10-1
CVE-2025-0426 affecting package kubernetes for versions less than 1.30.10-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-29164
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script which uses XHR calls to interact with the Argo Serv...
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1. An upgraded version of the package is available that resolves this issue...
PT-2024-2562 · Argo Cd · Argo Cd
Name of the Vulnerable Software and Affected Versions: Argo CD versions 1.2.0-rc1 through 2.10.2 Argo CD versions 1.2.0-rc1 through 2.9.7 Argo CD versions 1.2.0-rc1 through 2.8.11 Description: The issue is related to improper validation in Argo CD, a declarative, GitOps continuous delivery tool f...
olcne security update
olcne 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 1.5.4-1 - Upgrade Kubernetes to 1.23.7 1.5.3-1 - Address qemu...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Node disk DOS by writing to container /etc/hosts
CVSS Rating: Medium 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/CR:H/IR:H/AR:M The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it...