Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Kubernetes Subscribe
Total 70 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3294 1 Kubernetes 1 Kubernetes 2023-03-08 N/A 8.8 HIGH
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.
CVE-2022-3162 1 Kubernetes 1 Kubernetes 2023-03-08 N/A 6.5 MEDIUM
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.
CVE-2019-1002100 2 Kubernetes, Redhat 2 Kubernetes, Openshift Container Platform 2023-03-01 4.0 MEDIUM 6.5 MEDIUM
In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.
CVE-2016-1906 1 Kubernetes 1 Kubernetes 2023-02-12 10.0 HIGH 9.8 CRITICAL
Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.
CVE-2016-7075 2 Kubernetes, Redhat 2 Kubernetes, Openshift 2023-02-12 6.8 MEDIUM 8.1 HIGH
It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
CVE-2016-1905 1 Kubernetes 1 Kubernetes 2023-02-12 4.0 MEDIUM 7.7 HIGH
The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.
CVE-2015-7528 2 Kubernetes, Redhat 2 Kubernetes, Openshift 2023-02-12 5.0 MEDIUM 5.3 MEDIUM
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
CVE-2020-8557 1 Kubernetes 1 Kubernetes 2023-01-27 2.1 LOW 5.5 MEDIUM
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.
CVE-2020-8559 1 Kubernetes 1 Kubernetes 2023-01-27 6.0 MEDIUM 6.8 MEDIUM
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
CVE-2020-8552 2 Fedoraproject, Kubernetes 2 Fedora, Kubernetes 2023-01-27 4.0 MEDIUM 4.3 MEDIUM
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
CVE-2020-8551 2 Fedoraproject, Kubernetes 2 Fedora, Kubernetes 2023-01-27 3.3 LOW 6.5 MEDIUM
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
CVE-2021-25746 1 Kubernetes 1 Ingress-nginx 2022-12-02 5.5 MEDIUM 7.1 HIGH
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
CVE-2021-25745 1 Kubernetes 1 Ingress-nginx 2022-12-02 5.5 MEDIUM 8.1 HIGH
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
CVE-2021-25738 1 Kubernetes 1 Java 2022-10-28 4.6 MEDIUM 6.7 MEDIUM
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
CVE-2020-8570 1 Kubernetes 1 Java 2022-10-06 6.4 MEDIUM 9.1 CRITICAL
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.
CVE-2022-2995 1 Kubernetes 1 Cri-o 2022-09-21 N/A 7.1 HIGH
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
CVE-2020-8558 1 Kubernetes 1 Kubernetes 2022-09-20 5.8 MEDIUM 8.8 HIGH
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
CVE-2022-2385 1 Kubernetes 1 Aws-iam-authenticator 2022-07-19 6.0 MEDIUM 8.8 HIGH
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.
CVE-2022-1708 3 Fedoraproject, Kubernetes, Redhat 4 Fedora, Cri-o, Enterprise Linux and 1 more 2022-06-14 7.8 HIGH 7.5 HIGH
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.
CVE-2020-8554 2 Kubernetes, Oracle 4 Kubernetes, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 1 more 2022-05-12 6.0 MEDIUM 5.0 MEDIUM
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.