GHSA-JH36-Q97C-9928 Kubernetes vulnerable to validation bypass

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

Input validation

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

CVE-2022-3294

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

Oracle Linux 7 : kubernetes (ELSA-2022-10033)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10033 advisory. - Addresses CVE-2022-3294 & CVE-2022-3162 - Addresses CVE-2022-3172 olcne - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21 - Resolv...

PT-2022-5430 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: A bug in the Kubernetes API server allows bypassing validation of node proxying addresses. This could enable an attacker to send authenticated requests to the API server's private networ...