A security issue was discovered in kube-apiserver that allows anaggregated API server to redirect client traffic to any URL. This couldlead to the client performing unexpected actions as well as forwardingthe client's API server credentials to third parties.
8.2CVSS
7.9AI Score
0.001EPSS
A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Con...
6.3CVSS
6AI Score
0.001EPSS