CVSS: 8.5EPSS: 1%CPEs: 5EXPL: 1CVE-2022-3172 – Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
https://notcve.org/view.php?id=CVE-2022-3172
18 Jan 2023 — A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. Se descubrió un problema de seguridad en kube-apiserver que permite que un servidor API agregado redirija el tráfico del cliente a cualquier URL. Esto podría llevar a que el cliente realice acciones inesperadas, así como a que reenvíe las credenciale... • https://github.com/UgOrange/CVE-2022-3172 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3466 – Cri-o: security regression of cve-2022-27652
https://notcve.org/view.php?id=CVE-2022-3466
18 Jan 2023 — The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. This issue could allow an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. For mor... • https://access.redhat.com/errata/RHSA-2022:7398 • CWE-276: Incorrect Default Permissions •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2995 – cri-o: incorrect handling of the supplementary groups
https://notcve.org/view.php?id=CVE-2022-2995
19 Sep 2022 — Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. Un manejo incorrecto de los grupos suplementarios en el motor de contenedores CRI-O podría conllevar a una divulgación de información confidencial o la posible modificación de datos... • https://github.com/cri-o/cri-o/pull/6159 • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2385 – AccessKeyID validation bypass
https://notcve.org/view.php?id=CVE-2022-2385
12 Jul 2022 — A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. Se ha detectado un problema de seguridad en aws-iam-authenticator donde una identidad IAM permitida puede ser capaz de modificar su nombre de usuario y escalar privilegios An update that fixes one vulnerability is now available. This update for aws-iam-authenticator fixes the following issues. Fixed AccessKeyID validation bypass. • https://github.com/kubernetes-sigs/aws-iam-authenticator/issues/472 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2022-1708 – cri-o: memory exhaustion on the node when access to the kube api
https://notcve.org/view.php?id=CVE-2022-1708
07 Jun 2022 — A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the ... • https://bugzilla.redhat.com/show_bug.cgi?id=2085361 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25746 – Ingress-nginx directive injection via annotations
https://notcve.org/view.php?id=CVE-2021-25746
06 May 2022 — A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. Se ha detectado un problema de seguridad en ingress-nginx en el que un usuario que puede crear o actualizar objetos ingress puede usar .metadata.annotations en... • https://github.com/kubernetes/ingress-nginx/issues/8503 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25745 – Ingress-nginx path can be pointed to service account token file
https://notcve.org/view.php?id=CVE-2021-25745
06 May 2022 — A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. Se ha detectado un problema de seguridad en ingress-nginx en el que un usuario que puede crear o actualizar objetos ingress puede usar el ca... • https://github.com/kubernetes/ingress-nginx/issues/8502 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-27652 – cri-o: Default inheritable capabilities for linux container should be empty
https://notcve.org/view.php?id=CVE-2022-27652
18 Apr 2022 — A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. Se ha encontrado un fallo en cri-o, donde los contenedores eran iniciados incorrectamente con permisos po... • https://bugzilla.redhat.com/show_bug.cgi?id=2066839 • CWE-276: Incorrect Default Permissions •
CVSS: 9.0EPSS: 25%CPEs: 5EXPL: 1CVE-2022-0811 – CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
https://notcve.org/view.php?id=CVE-2022-0811
16 Mar 2022 — A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. Se ha encontrado un fallo en CRI-O en la forma de establecer las opciones del kernel para un pod. Este problema permite a cualquier persona con derechos desplegar un pod en un clúster Kubernetes que usa el tiemp... • https://github.com/spiarh/webhook-cve-2022-0811 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0532 – cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied to the host
https://notcve.org/view.php?id=CVE-2022-0532
09 Feb 2022 — An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace. Se ha encontrado una vulnerabilidad de comprobación incorrecta de sysctls en CRI-O versiones 1.18 y anteriores. Las sysctls de la lista de sysctls "safe" especificadas para el cluster serán aplicadas al host si un atacante es capaz de crear un... • https://bugzilla.redhat.com/show_bug.cgi?id=2051730 • CWE-732: Incorrect Permission Assignment for Critical Resource •