kubernetes-security-announce
1–30 of 58
Monis Khan
May 25
[Security Advisory] CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs
Hello Kubernetes Community, A security issue was discovered in secrets-store-csi-driver where an
Vellore Rajakumar, Sri Saran Balaji
Apr 12
[Security Advisory] CVE-2023-1174, CVE-2023-1944: Network port exposure and ssh access using default password
Hello Kubernetes Community, We have released minikube v1.30.0 to address two security issues in
CJ Cullen
Jan 31
[Kubernetes Java Client] Kubernetes Java client impacted by CVE-2022-1471
Issue Details A security issue was discovered in the Kubernetes Java client library where loading
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3294: Node address isn't always verified when proxying
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may have access
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3162: Unauthorized read of Custom Resources
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users authorized to
Monis Khan
9/16/22
[Security Advisory] CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)
Hello Kubernetes Community, A security issue was discovered in kube-apiserver that allows an
Pushkar Joglekar
9/15/22
[Security Advisory] CVE-2021-25749: runAsNonRoot logic bypass for Windows containers
Hello Kubernetes Community, A security issue was discovered in Kubernetes that could allow Windows
Hausler, Micah
7/11/22
[Security Advisory] CVE-2022-2385: AccessKeyID validation bypass
Hello Kubernetes Community, A security issue was discovered in aws-iam-authenticator where an allow-
CJ Cullen
6/10/22
[Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be bypassed with newline character
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25746: Ingress-nginx directive injection via annotations
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25745: Ingress-nginx `path` can be pointed to service account token file
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
Tabitha Sable
1/6/22
[Security Advisory] vSphere storage e2e test suite logging credentials
Hello Kubernetes Community, We have become aware that the default configuration for vSphere storage
CJ Cullen
12/24/21
[Security Advisory] fluentd-elasticsearch addon updates for log4j vulnerabilities
Hello Kubernetes Community, Elastic has released updated images for Elasticsearch containing fixes to
CJ Cullen
10/21/21
[Security Advisory] CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
Hello Kubernetes Community, A security issue was discovered in ingress-nginx where a user that can
Hausler, Micah
9/15/21
[Security Advisory] CVE-2020-8561: Webhook redirect in kube-apiserver
Hello Kubernetes Community, A security issue was discovered in Kubernetes where actors that control
CJ Cullen
9/15/21
[Security Advisory] CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user may be able to
CJ Cullen
7/14/21
[Security Advisory] CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding
Hello Kubernetes Community, A security issue was discovered with Kubernetes that could enable users
CJ Cullen
5/18/21
[Security Advisory] CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to
Tim Allclair
5/17/21
[Kubernetes Java Client] CVE-2021-25738: Code exec via yaml parsing
Hello Kubernetes Community, A security issue was discovered in the Kubernetes Java client library
Swamy Shivaganga Nagaraju
5/10/21
[Security Advisory] CVE-2021-25736: Windows kube-proxy LoadBalancer contention
Hello Kubernetes Community, A security issue was discovered in the Windows version of kube-proxy
Hausler, Micah
5/4/21
[Security Advisory] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU
Hello Kubernetes Community, A security issue was discovered in Kubernetes where an authorized user
Tim Allclair
4/14/21
CVE-2021-25735: Validating Admission Webhook does not observe some previous fields
A security issue was discovered in kube-apiserver that could allow node updates to bypass a
Tim Allclair
1/11/21
Fwd: [Security Advisory] CVE-2020-8570: Path Traversal bug in the Java Kubernetes Client
---------- Forwarded message --------- From: 'Brendan Burns' via kubernetes-security-discuss
CJ Cullen, Tim Allclair
2
12/15/20
Fwd: [Security Advisory] [CSI snapshot-controller] CVE-2020-8569: snapshot-controller DoS
Correction: Affected versions include v2.1.0 - v2.1.2. A new version, v2.1.3 has been released with
Tim Allclair
12/7/20
[Security Advisory] CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs
Hello Kubernetes Community, A security issue was discovered with Kubernetes affecting multitenant
CJ Cullen
10/15/20
[Security Advisory] Multiple secret leaks when verbose logging is enabled
Hello Kubernetes Community, Multiple security issues have been discovered in Kubernetes that allow
Tim Allclair
7/15/20
[Security Advisory] CVE-2020-8559: Privilege escalation from compromised node to cluster
Hello Kubernetes Community, A security issue was discovered in the kube-apiserver that could enable a
Joel Smith
7/15/20
[Security Advisory] CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
Hello Kubernetes Community, A security issue was discovered in kubelet that could result in the
Joel Smith
2
7/8/20
[Security Advisory] CVE-2020-8558: Kubernetes: Node setting allows for neighboring hosts to bypass localhost boundary
Apologies for the extra email, but an error was discovered in the original announcement from earlier
Joel Smith
6/1/20
IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
Hi Kubernetes Community, A container networking vulnerability has been disclosed. Issue details: A