
CVE-2023-2727 – Bypassing policies imposed by the ImagePolicyWebhook admission plugin
https://notcve.org/view.php?id=CVE-2023-2727
03 Jul 2023 — Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. A flaw was found in Kubernetes, where users may be able to launch containers using images restricted by the ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together wi... • http://www.openwall.com/lists/oss-security/2023/07/06/2 • CWE-20: Improper Input Validation •

CVE-2023-2431 – Bypass of seccomp profile enforcement
https://notcve.org/view.php?id=CVE-2023-2431
16 Jun 2023 — A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use the localhost type for a seccomp profile but specify an empty profile field are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet. A flaw was found in Kubernetes. • https://github.com/kubernetes/kubernetes/issues/118690 • CWE-1287: Improper Validation of Specified Type of Input •

CVE-2023-2878 – Kubernetes secrets-store-csi-driver discloses service account tokens in logs
https://notcve.org/view.php?id=CVE-2023-2878
07 Jun 2023 — Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. • https://github.com/kubernetes/kubernetes/issues/118419 • CWE-532: Insertion of Sensitive Information into Log File •

CVE-2021-25748 – Ingress-nginx `path` sanitization can be bypassed with newline character
https://notcve.org/view.php?id=CVE-2021-25748
24 May 2023 — A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. • https://github.com/kubernetes/ingress-nginx/issues/8686 • CWE-20: Improper Input Validation •

CVE-2023-1944 – [minikube] ssh server with default password
https://notcve.org/view.php?id=CVE-2023-1944
24 May 2023 — This vulnerability enables SSH access to the minikube container using a default password. • https://github.com/kubernetes/minikube • CWE-259: Use of Hard-coded Password • CWE-798: Use of Hard-coded Credentials •

CVE-2023-1174 – [minikube] Network Port exposure in minikube running on macOS using Docker driver
https://notcve.org/view.php?id=CVE-2023-1174
24 May 2023 — This vulnerability exposes a network port in minikube running on macOS with the Docker driver that could enable unexpected remote access to the minikube container. • https://groups.google.com/g/kubernetes-security-announce/c/2ZkJFMDTKbM • CWE-266: Incorrect Privilege Assignment •

CVE-2022-4318 – Cri-o: /etc/passwd tampering privesc
https://notcve.org/view.php?id=CVE-2022-4318
05 Apr 2023 — A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. • https://access.redhat.com/errata/RHSA-2023:1033 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory • CWE-913: Improper Control of Dynamically-Managed Code Resources •

CVE-2022-3294 – Node address isn't always verified when proxying
https://notcve.org/view.php?id=CVE-2022-3294
01 Mar 2023 — Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing thi... • https://github.com/kubernetes/kubernetes/issues/113757 • CWE-20: Improper Input Validation •

CVE-2021-25749 – runAsNonRoot logic bypass for Windows containers
https://notcve.org/view.php?id=CVE-2021-25749
30 Jan 2023 — Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. A flaw was found in Kubernetes. This issue allows Windows workloads to run as a ContainerAdministrator even when the workloads set the runAsNonRoot option to true. Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include bypass and denial of service vulnerabilities. • https://groups.google.com/g/kubernetes-security-announce/c/qqTZgulISzA • CWE-284: Improper Access Control • CWE-842: Placement of User into Incorrect Group •

CVE-2022-3172 – Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
https://notcve.org/view.php?id=CVE-2022-3172
18 Jan 2023 — A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. • https://github.com/UgOrange/CVE-2022-3172 • CWE-918: Server-Side Request Forgery (SSRF) •