GHSA-HWM2-4PH6-W6M5 Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user

Impact The restricted pod security policy PSP, provided in Rancher versions from 2.0 up to and including 2.6.3, has a deviation from the upstream restricted policy provided in Kubernetes, in which Rancher's PSP has runAsUser set to runAsAny, while upstream has runAsUser set to MustRunAsNonRoot...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to the restricted pod security policy having runAsUser set to runAsAny, which allows containers to run as any user, including privileged users, even when the policy is enforced. An attacker can escalate...

Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user

Impact The restricted pod security policy PSP, provided in Rancher versions from 2.0 up to and including 2.6.3, has a deviation from the upstream restricted policy provided in Kubernetes, in which Rancher's PSP has runAsUser set to runAsAny, while upstream has runAsUser set to MustRunAsNonRoot...

How to attach files in Secure Mail keeping the policy restricted

In Secure Mail/WorxMail versions 10.3.5 and later, Android users can't attach images directly from the Gallery app when the Inbound document exchange Open-in policy is set to Restricted. If you want to keep this policy set to Restricted but still allow users to add photos from the Gallery, follow...

Unspecified Vulnerability in Google Kubernetes API Server

Google Kubernetes is an open source Docker container cluster management system. The system provides resource scheduling, deployment and operation, service discovery and scaling up and down for containerized applications. A security vulnerability in Google Kubernetes' API server allows remote...