cpe:2.3:a:kubernetes:kubernetes:1.17.3:beta0:*:*:*:*:*:*
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.
Max CVSS
8.8
EPSS Score
0.10%
Published
2021-09-20
Updated
2021-11-30
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
Max CVSS
4.9
EPSS Score
0.06%
Published
2021-09-06
Updated
2021-10-07
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
Max CVSS
6.5
EPSS Score
0.07%
Published
2021-09-06
Updated
2023-06-26
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!