kubernetes-security-announce

1–30 of 58

0 selected

May 25

[Security Advisory] CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs

Hello Kubernetes Community, A security issue was discovered in secrets-store-csi-driver where an

unread,

[Security Advisory] CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs

Hello Kubernetes Community, A security issue was discovered in secrets-store-csi-driver where an

May 25

Vellore Rajakumar, Sri Saran Balaji

Apr 12

[Security Advisory] CVE-2023-1174, CVE-2023-1944: Network port exposure and ssh access using default password

Hello Kubernetes Community, We have released minikube v1.30.0 to address two security issues in

unread,

[Security Advisory] CVE-2023-1174, CVE-2023-1944: Network port exposure and ssh access using default password

Hello Kubernetes Community, We have released minikube v1.30.0 to address two security issues in

Apr 12

Jan 31

[Kubernetes Java Client] Kubernetes Java client impacted by CVE-2022-1471

Issue Details A security issue was discovered in the Kubernetes Java client library where loading

unread,

[Kubernetes Java Client] Kubernetes Java client impacted by CVE-2022-1471

Issue Details A security issue was discovered in the Kubernetes Java client library where loading

Jan 31

11/10/22

[Security Advisory] CVE-2022-3294: Node address isn't always verified when proxying

Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may have access

unread,

[Security Advisory] CVE-2022-3294: Node address isn't always verified when proxying

Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may have access

11/10/22

11/10/22

[Security Advisory] CVE-2022-3162: Unauthorized read of Custom Resources

Hello Kubernetes Community, A security issue was discovered in Kubernetes where users authorized to

unread,

[Security Advisory] CVE-2022-3162: Unauthorized read of Custom Resources

Hello Kubernetes Community, A security issue was discovered in Kubernetes where users authorized to

11/10/22

9/16/22

[Security Advisory] CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)

Hello Kubernetes Community, A security issue was discovered in kube-apiserver that allows an

unread,

[Security Advisory] CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)

Hello Kubernetes Community, A security issue was discovered in kube-apiserver that allows an

9/16/22

Pushkar Joglekar

9/15/22

[Security Advisory] CVE-2021-25749: runAsNonRoot logic bypass for Windows containers

Hello Kubernetes Community, A security issue was discovered in Kubernetes that could allow Windows

unread,

[Security Advisory] CVE-2021-25749: runAsNonRoot logic bypass for Windows containers

Hello Kubernetes Community, A security issue was discovered in Kubernetes that could allow Windows

9/15/22

7/11/22

[Security Advisory] CVE-2022-2385: AccessKeyID validation bypass

Hello Kubernetes Community, A security issue was discovered in aws-iam-authenticator where an allow-

unread,

[Security Advisory] CVE-2022-2385: AccessKeyID validation bypass

Hello Kubernetes Community, A security issue was discovered in aws-iam-authenticator where an allow-

7/11/22

6/10/22

[Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be bypassed with newline character

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

unread,

[Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be bypassed with newline character

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

6/10/22

4/22/22

[Security Advisory] CVE-2021-25746: Ingress-nginx directive injection via annotations

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

unread,

[Security Advisory] CVE-2021-25746: Ingress-nginx directive injection via annotations

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

4/22/22

4/22/22

[Security Advisory] CVE-2021-25745: Ingress-nginx `path` can be pointed to service account token file

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

unread,

[Security Advisory] CVE-2021-25745: Ingress-nginx `path` can be pointed to service account token file

Issue Details A security issue was discovered in ingress-nginx where a user that can create or update

4/22/22

1/6/22

[Security Advisory] vSphere storage e2e test suite logging credentials

Hello Kubernetes Community, We have become aware that the default configuration for vSphere storage

unread,

[Security Advisory] vSphere storage e2e test suite logging credentials

Hello Kubernetes Community, We have become aware that the default configuration for vSphere storage

1/6/22

12/24/21

[Security Advisory] fluentd-elasticsearch addon updates for log4j vulnerabilities

Hello Kubernetes Community, Elastic has released updated images for Elasticsearch containing fixes to

unread,

[Security Advisory] fluentd-elasticsearch addon updates for log4j vulnerabilities

Hello Kubernetes Community, Elastic has released updated images for Elasticsearch containing fixes to

12/24/21

10/21/21

[Security Advisory] CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces

Hello Kubernetes Community, A security issue was discovered in ingress-nginx where a user that can

unread,

[Security Advisory] CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces

Hello Kubernetes Community, A security issue was discovered in ingress-nginx where a user that can

10/21/21

9/15/21

[Security Advisory] CVE-2020-8561: Webhook redirect in kube-apiserver

Hello Kubernetes Community, A security issue was discovered in Kubernetes where actors that control

unread,

[Security Advisory] CVE-2020-8561: Webhook redirect in kube-apiserver

Hello Kubernetes Community, A security issue was discovered in Kubernetes where actors that control

9/15/21

9/15/21

[Security Advisory] CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access

Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user may be able to

unread,

[Security Advisory] CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access

Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user may be able to

9/15/21

7/14/21

[Security Advisory] CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding

Hello Kubernetes Community, A security issue was discovered with Kubernetes that could enable users

unread,

[Security Advisory] CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding

Hello Kubernetes Community, A security issue was discovered with Kubernetes that could enable users

7/14/21

5/18/21

[Security Advisory] CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to

unread,

[Security Advisory] CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to

5/18/21

5/17/21

[Kubernetes Java Client] CVE-2021-25738: Code exec via yaml parsing

Hello Kubernetes Community, A security issue was discovered in the Kubernetes Java client library

unread,

[Kubernetes Java Client] CVE-2021-25738: Code exec via yaml parsing

Hello Kubernetes Community, A security issue was discovered in the Kubernetes Java client library

5/17/21

Swamy Shivaganga Nagaraju

5/10/21

[Security Advisory] CVE-2021-25736: Windows kube-proxy LoadBalancer contention

Hello Kubernetes Community, A security issue was discovered in the Windows version of kube-proxy

unread,

[Security Advisory] CVE-2021-25736: Windows kube-proxy LoadBalancer contention

Hello Kubernetes Community, A security issue was discovered in the Windows version of kube-proxy

5/10/21

5/4/21

[Security Advisory] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU

Hello Kubernetes Community, A security issue was discovered in Kubernetes where an authorized user

unread,

[Security Advisory] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU

Hello Kubernetes Community, A security issue was discovered in Kubernetes where an authorized user

5/4/21

4/14/21

CVE-2021-25735: Validating Admission Webhook does not observe some previous fields

A security issue was discovered in kube-apiserver that could allow node updates to bypass a

unread,

CVE-2021-25735: Validating Admission Webhook does not observe some previous fields

A security issue was discovered in kube-apiserver that could allow node updates to bypass a

4/14/21

1/11/21

Fwd: [Security Advisory] CVE-2020-8570: Path Traversal bug in the Java Kubernetes Client

---------- Forwarded message --------- From: 'Brendan Burns' via kubernetes-security-discuss

unread,

Fwd: [Security Advisory] CVE-2020-8570: Path Traversal bug in the Java Kubernetes Client

---------- Forwarded message --------- From: 'Brendan Burns' via kubernetes-security-discuss

1/11/21

CJ Cullen, Tim Allclair2

12/15/20

Fwd: [Security Advisory] [CSI snapshot-controller] CVE-2020-8569: snapshot-controller DoS

Correction: Affected versions include v2.1.0 - v2.1.2. A new version, v2.1.3 has been released with

unread,

Fwd: [Security Advisory] [CSI snapshot-controller] CVE-2020-8569: snapshot-controller DoS

Correction: Affected versions include v2.1.0 - v2.1.2. A new version, v2.1.3 has been released with

12/15/20

12/7/20

[Security Advisory] CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs

Hello Kubernetes Community, A security issue was discovered with Kubernetes affecting multitenant

unread,

[Security Advisory] CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs

Hello Kubernetes Community, A security issue was discovered with Kubernetes affecting multitenant

12/7/20

10/15/20

[Security Advisory] Multiple secret leaks when verbose logging is enabled

Hello Kubernetes Community, Multiple security issues have been discovered in Kubernetes that allow

unread,

[Security Advisory] Multiple secret leaks when verbose logging is enabled

Hello Kubernetes Community, Multiple security issues have been discovered in Kubernetes that allow

10/15/20

7/15/20

[Security Advisory] CVE-2020-8559: Privilege escalation from compromised node to cluster

Hello Kubernetes Community, A security issue was discovered in the kube-apiserver that could enable a

unread,

[Security Advisory] CVE-2020-8559: Privilege escalation from compromised node to cluster

Hello Kubernetes Community, A security issue was discovered in the kube-apiserver that could enable a

7/15/20

7/15/20

[Security Advisory] CVE-2020-8557: Node disk DOS by writing to container /etc/hosts

Hello Kubernetes Community, A security issue was discovered in kubelet that could result in the

unread,

[Security Advisory] CVE-2020-8557: Node disk DOS by writing to container /etc/hosts

Hello Kubernetes Community, A security issue was discovered in kubelet that could result in the

7/15/20

7/8/20

[Security Advisory] CVE-2020-8558: Kubernetes: Node setting allows for neighboring hosts to bypass localhost boundary

Apologies for the extra email, but an error was discovered in the original announcement from earlier

unread,

[Security Advisory] CVE-2020-8558: Kubernetes: Node setting allows for neighboring hosts to bypass localhost boundary

Apologies for the extra email, but an error was discovered in the original announcement from earlier

7/8/20

6/1/20

IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Hi Kubernetes Community, A container networking vulnerability has been disclosed. Issue details: A

unread,

IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Hi Kubernetes Community, A container networking vulnerability has been disclosed. Issue details: A

6/1/20

Search

Clear search

Close search

Google apps

Main menu