20 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1002101
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type...
RHEL 7 : kubernetes (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kubernetes: Privilege escalation in the PodSecurityPolicy admission plugin CVE-2017-1000056 - In Kubernet...
K000134748: Kubernetes vulnerabilities CVE-2019-1002100, CVE-2019-11254, CVE-2017-1002101, and CVE-2017-1002102
Security Advisory Description CVE-2019-1002100 In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" e.g. kubectl patch --type json or "Content-Type:...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Kubernetes (CVE-2021-25741)
Summary Security Vulnerabilities affect IBM Cloud Private - Kubernetes Vulnerability Details CVEID: CVE-2021-25741 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to bypass security restrictions, caused by a symlink exchange flaw in kubelet. By sending a specially-crafted...
Files or Directories Accessible to External Parties in kubernetes
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
Files or Directories Accessible to External Parties
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
CVE-2021-25741
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
CVE-2021-25741
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
Design/Logic Flaw
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
CVE-2021-25741
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
CVE-2021-25741
CVE-2021-25741 concerns Kubernetes kubelet subpath volume mounts allowing access to files outside the mounted volume, including host paths. Affected products are various Kubernetes releases; multiple Mariner/ALT Linux entries indicate packages with this CVE and note that a patched version is avai...
CVE-2021-25741 Symlink Exchange Can Allow Host Filesystem Access
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
CVE-2021-25741 Symlink Exchange Can Allow Host Filesystem Access
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...
kubernetes input validation error vulnerability
Kubernetes is an open source Docker container cluster management system from the American Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scale-up and scale-down for containerized applications. kubernetes has a security vulnerability that c...
Kubernetes 输入验证错误漏洞
Kubernetes is an open source Docker container cluster management system from the American Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scale-up and scale-down for containerized applications. kubernetes has a security vulnerability that c...
Kubernetes 1.3.x < 1.7.14 / 1.8.x < 1.8.9 / 1.9.x < 1.9.4 multiple vulnerabilities
The version of Kubernetes installed on the remote host is version 1.3.x prior to 1.7.14, 1.8.x prior to 1.8.9 or 1.9.x prior to 1.9.4. It is, therefore, affected by multiple vulnerabilities. - An arbitrary file access vulnerability exists in containers using subpath volume mounts. An authenticate...
Directory Traversal
github.com/kubernetes/kubernetes is vulnerable to directory traversal attacks. Containers using subpath volume mounts can access files and directories outside of the volume, this includes other files on the hosts' system...
Directory Traversal
github.com/kubernetes/kubernetes is vulnerable to directory traversal attacks. Containers using subpath volume mounts can access files and directories outside of the volume, this includes other files on the hosts' system...
CVE-2017-1002101
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type including non-privileged pods, subject to file permissions can access files/directories outside of the volume, including the host's filesyste...
CVE-2017-1002101
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type including non-privileged pods, subject to file permissions can access files/directories outside of the volume, including the host's filesyste...