Lucene search
+L

50 matches found

OSV
OSV
added 2023/07/03 8:6 p.m.19 views

CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.6AI score0.02157EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/07/03 12:0 a.m.31 views

Oracle Linux 7 : kubernetes (ELSA-2023-12562)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12562 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15 Tenable has extracted the preceding description block directly from the Oracle Linux...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/07/03 12:0 a.m.35 views

Oracle Linux 8 : kubernetes (ELSA-2023-12564)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12564 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - CVE-2023-27496 - CVE-2023-27488 - CVE-2023-27493 - CVE-2023-27492 - CVE-2023-27491 -...

10CVSS6.8AI score0.02701EPSS
Exploits9References3
Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.28 views

SUSE SLES15: kubernetes1.23-apiserver / kubernetes1.23-client / etc (SUSE-SU-2023:2543-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2543-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. -...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.30 views

SUSE SLES15: kubernetes1.24-apiserver / kubernetes1.24-client / etc (SUSE-SU-2023:2544-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2544-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. -...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.34 views

SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2542-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2542-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. - CVE-2023-2728: Fixed...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/06/19 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2023:2542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02157EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2023/06/15 5:46 a.m.38 views

CVE-2023-2728

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...

6.5CVSS6.8AI score0.02157EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.8 views

PT-2023-21049 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue allows users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. This policy ensures...

7.7CVSS6.5AI score0.99999EPSS
Exploits21References144
Kubernetes Security Advisories
Kubernetes Security Advisories
added 2023/06/13 2:42 p.m.6 views

Bypassing policies imposed by the ImagePolicyWebhook and bypassing mountable secrets policy imposed by the ServiceAccount admission plugin

CVE-2023-2727: Bypassing policies imposed by the ImagePolicyWebhook admission plugin CVSS Rating: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N A security issue was discovered in Kubernetes where users may be able to launch containers using images that are restricted by ImagePolicyWebhook when usi...

6.5CVSS6.4AI score0.02157EPSS
Exploits1Affected Software1
Rows per page
Query Builder