618 matches found
Kubelet vulnerable to bypass of seccomp profile enforcement
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
DEBIAN-CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
Design/Logic Flaw
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
UBUNTU-CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431 Bypass of seccomp profile enforcement
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431
CVE-2023-2431 describes a Kubernetes Kubelet vulnerability where pods using a localhost seccomp profile with an empty profile field can run with seccomp disabled, bypassing profile enforcement. Impact: affected pods may execute unconfined, potentially widening their ability to access host resourc...
CVE-2023-2431 Bypass of seccomp profile enforcement
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
CVE-2023-2431
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...
Kubernetes 安全漏洞
Kubernetes K8s is an open source system from the Cloud Native Computing Foundation for automating the deployment, scaling, and management of containerized applications. A security vulnerability exists in Kubernetes Kubelet that stems from a setting that allows Pods to bypass seccomp configuration...
PT-2023-3615 · Kubelet +2 · Kubelet +2
Name of the Vulnerable Software and Affected Versions: Kubelet affected versions not specified Description: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field ar...
Improper Access Control
github.com/kyverno/kyverno is vulnerable to Improper Access Control. The vulnerability exists when using the validate.podSecurity subrule which allows an attacker to circumvent seccomp control...
CVE-2023-33191
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
Code injection
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2023-33191 kyverno seccomp control can be circumvented
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2023-33191 kyverno seccomp control can be circumvented
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2023-33191
CVE-2023-33191 affects Kyverno, a Kubernetes policy engine. The vulnerability lies in the seccomp control used by the podSecurity validate.podSecurity subrule, making Kyverno versions 1.9.2 and 1.9.3 vulnerable to circumvention of seccomp controls. The issue was fixed in version 1.9.4. Reported s...
Kyverno 安全漏洞
Kyverno is an open source policy engine for Kubernetes by Kyverno. A security vulnerability exists in Kyverno version 1.9.2, 1.9.3, which stems from the fact that Kyverno seccomp controls can be circumvented...