kubernetes-security-announce
1–30 of 69
Craig Ingram
Nov 14
[Security Advisory] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
CJ Cullen
Oct 25
[Ingress-nginx Security Advisory] CVE-2023-5044: Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/
CJ Cullen
Oct 25
[Ingress-nginx Security Advisory] CVE-2023-5043: Ingress nginx annotation injection causes arbitrary command execution
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/
CJ Cullen
Oct 25
[Ingress-nginx Security Advisory] CVE-2022-4886: Ingress-nginx `path` sanitization can be bypassed with `log_format` directive
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
CJ Cullen
Jun 21
[kOps Security Advisory] CVE-2023-1943: Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
Issue Details A security issue was reported in kOps with the GCP Provider running in Gossip Mode,
Rita Zhang
Jun 15
[Security Advisory] CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may be able to
Rita Zhang
Jun 15
[Security Advisory] CVE-2023-2727: Bypassing policies imposed by the ImagePolicyWebhook admission plugin
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may be able to
Vellore Rajakumar, Sri Saran Balaji
Jun 14
[Security Advisory] CVE-2023-2431: Bypass of seccomp profile enforcement
Hello Kubernetes Community, A security issue was discovered in Kubelet that allows pods to bypass the
Monis Khan
May 25
[Security Advisory] CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs
Hello Kubernetes Community, A security issue was discovered in secrets-store-csi-driver where an
Vellore Rajakumar, Sri Saran Balaji
Apr 12
[Security Advisory] CVE-2023-1174, CVE-2023-1944: Network port exposure and ssh access using default password
Hello Kubernetes Community, We have released minikube v1.30.0 to address two security issues in
CJ Cullen
Jan 31
[Kubernetes Java Client] Kubernetes Java client impacted by CVE-2022-1471
Issue Details A security issue was discovered in the Kubernetes Java client library where loading
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3294: Node address isn't always verified when proxying
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may have access
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3162: Unauthorized read of Custom Resources
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users authorized to
Monis Khan
9/16/22
[Security Advisory] CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)
Hello Kubernetes Community, A security issue was discovered in kube-apiserver that allows an
Pushkar Joglekar
9/15/22
[Security Advisory] CVE-2021-25749: runAsNonRoot logic bypass for Windows containers
Hello Kubernetes Community, A security issue was discovered in Kubernetes that could allow Windows
Hausler, Micah
7/11/22
[Security Advisory] CVE-2022-2385: AccessKeyID validation bypass
Hello Kubernetes Community, A security issue was discovered in aws-iam-authenticator where an allow-
CJ Cullen
6/10/22
[Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be bypassed with newline character
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25746: Ingress-nginx directive injection via annotations
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25745: Ingress-nginx `path` can be pointed to service account token file
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
Tabitha Sable
1/6/22
[Security Advisory] vSphere storage e2e test suite logging credentials
Hello Kubernetes Community, We have become aware that the default configuration for vSphere storage
CJ Cullen
12/24/21
[Security Advisory] fluentd-elasticsearch addon updates for log4j vulnerabilities
Hello Kubernetes Community, Elastic has released updated images for Elasticsearch containing fixes to
CJ Cullen
10/21/21
[Security Advisory] CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
Hello Kubernetes Community, A security issue was discovered in ingress-nginx where a user that can
Hausler, Micah
9/15/21
[Security Advisory] CVE-2020-8561: Webhook redirect in kube-apiserver
Hello Kubernetes Community, A security issue was discovered in Kubernetes where actors that control
CJ Cullen
9/15/21
[Security Advisory] CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user may be able to
CJ Cullen
7/14/21
[Security Advisory] CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding
Hello Kubernetes Community, A security issue was discovered with Kubernetes that could enable users
CJ Cullen
5/18/21
[Security Advisory] CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to
Tim Allclair
5/17/21
[Kubernetes Java Client] CVE-2021-25738: Code exec via yaml parsing
Hello Kubernetes Community, A security issue was discovered in the Kubernetes Java client library