Kubernetes@- Security Vulnerabilities and Issues — Kubernetes@- CVE List

Lucene search

KubernetesKubernetes-

5 matches found

CVE•added 2016/02/03 6:59 p.m.•82 views

CVE-2016-1905

The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.

7.7CVSS7AI score0.00133EPSS

CVE•added 2016/02/03 6:59 p.m.•79 views

CVE-2016-1906

Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

10CVSS8.4AI score0.01555EPSS

CVE•added 2021/09/20 5:15 p.m.•67 views

CVE-2021-25740

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

3.5CVSS3.4AI score0.00535EPSS

CVE•added 2017/08/07 5:29 p.m.•51 views

CVE-2015-7561

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.

3.5CVSS3.8AI score0.00139EPSS

CVE•added 2018/09/10 2:29 p.m.•47 views

CVE-2016-7075

It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

8.1CVSS8AI score0.00301EPSS