47 matches found
EUVD-2022-2835
Malicious code in bioql PyPI...
EUVD-2023-24130
Malicious code in bioql PyPI...
EUVD-2023-23456
Malicious code in bioql PyPI...
Security update for minikube (important)
openSUSE Security Update: Security update for minikube Announcement ID: openSUSE-SU-2025:0318-1 Rating: important References: 1234528 Cross-References: CVE-2024-45337 CVSS scores: CVE-2024-45337 SUSE: 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP...
CVE-2018-1002103
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernetes Deployment...
Exploit for CVE-2025-1974
CVE-2025-1974: Kubernetes Ingress Nginx Controller 취약점 분석 및 Po...
GO-2023-1961 Minikube RCE via DNS Rebinding in k8s.io/minikube
Minikube RCE via DNS Rebinding in k8s.io/minikube...
GHSA-2CGQ-H8XW-2V5J CRI-O vulnerable to an arbitrary systemd property injection
Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...
CRI-O vulnerable to an arbitrary systemd property injection
Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...
The vulnerability of the Kubernetes environment configuration tool for developing and testing applications in minikube lies in its ability to disclose information, allowing attackers to increase their privileges.
The vulnerability of the Kubernetes environment configuration tool for developing and testing applications in minikube relates to the disclosure of information. This vulnerability allows attackers to increase their privileges...
Authentication Bypass
github.com/kubernetes/minikube is vulnerable to Authentication Bypass. The vulnerability exists due to the use of hard-coded credentials which allows a local attacker to use the default password and bypass the login via ssh access to the minikube container...
Privilege Escalation
github.com/kubernetes/minikube is vulnerable to Privilege Escalation. A remote attacker is able to access to the minikube container with elevated privileges due to an exposed network port when minikube is running on macOS with the Docker driver...
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password...
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password...
Default credentials
This vulnerability enables ssh access to minikube container using a default password...
Design/Logic Flaw
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1944 [minikube] ssh server with default password
This vulnerability enables ssh access to minikube container using a default password...
Minikube 安全漏洞
Minikube is a tool for running Kubernetes locally. Minikube suffers from a security vulnerability that stems from a network port exposure. An attacker can use this vulnerability to remotely access the minikube program...