kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin

A flaw was found in Kubernetes' kube-apiserver. This flaw allows authenticated users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated...

AZL-40016 CVE-2024-3177 affecting package kubernetes for versions less than 1.30.1-1

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...

PT-2024-3763

Name of the Vulnerable Software and Affected Versions Kubernetes affected versions not specified Description A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when usi...

kube-apiserver: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...