kubernetes-security-discuss
Public discussion forum for the Kubernetes Release Process.
Do NOT post security issues here. Follow the Kubernetes Security Disclosure process.
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
Rita Zhang
Aug 23
[Security Advisory] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation
Hello Kubernetes Community, A security issue was discovered in Kubernetes where a user that can
Yogesh Mittal
Aug 10
Re: How can we serve Open Source CNA's better?
Hello there I just thought to reach out and share that we are excited and looking forward to your
CJ Cullen
Jun 21
[kOps Security Advisory] CVE-2023-1943: Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
Issue Details A security issue was reported in kOps with the GCP Provider running in Gossip Mode,
Vellore Rajakumar, Sri Saran Balaji, … Vellore Rajakumar, Sri Saran Balaji (3)
Jun 15
[Security Advisory] CVE-2023-2431: Bypass of seccomp profile enforcement
Thank you Sean for reporting this. CVE details are not yet published to CVE service, should be
Rita Zhang, Red Hat Product Security (2)
Jun 15
[Security Advisory] CVE-2023-2727: Bypassing policies imposed by the ImagePolicyWebhook admission plugin
Hello! INC2647624 ([Security Advisory] CVE-2023-2727: Bypassing policies imposed by the
Rita Zhang
Jun 15
[Security Advisory] CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may be able to
fripSide
Jun 5
[Security Issue] Warning the insecure usages of eBPF
Hello, I'm writing this thread to uncover the hazards of eBPF misuse to the Docker and Kubernetes
Monis Khan
May 25
[Security Advisory] CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs
Hello Kubernetes Community, A security issue was discovered in secrets-store-csi-driver where an
Abdullah, Mohammad
May 17
Found 1 critical and 4 high vulnerabilities in kube-state-metrics:v2.8.2
Hi All, Find below the 4 high and 1 critical vulnerability found in kube-state-metrics:v2.8.2 image.
Vellore Rajakumar, Sri Saran Balaji
Apr 12
[Security Advisory] CVE-2023-1174, CVE-2023-1944: Network port exposure and ssh access using default password
Hello Kubernetes Community, We have released minikube v1.30.0 to address two security issues in
Man, Eric W L
Feb 5
FW: [EXTN] Re: node-problem-detector image Vulnerabilities
Hi All, We are scanning image node-problem-detector:v0.8.12 and found that this image has many
CJ Cullen
Jan 31
[Kubernetes Java Client] Kubernetes Java client impacted by CVE-2022-1471
Issue Details A security issue was discovered in the Kubernetes Java client library where loading
Satish Suradkar, Justin Santa Barbara (2)
Jan 31
Fwd: EOL in sigs.k8s.io/yaml
I wasn't able to find any documentation that this library is actually EOL - do you have a source
Taathastu Roy
Jan 17
AWS Cloud Lead Developer
AWS Cloud Lead Developer needed in Plano, TX, Columbus, OH, Wilmington, DE, or NY. Onsite position
Aarya
Jan 17
OpenShift Devops Position - Remote
Hello, Aarya here from Blink Technology Partners! At the moment, I am fulfilling the requirements of
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3294: Node address isn't always verified when proxying
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users may have access
Tim Allclair
11/10/22
[Security Advisory] CVE-2022-3162: Unauthorized read of Custom Resources
Hello Kubernetes Community, A security issue was discovered in Kubernetes where users authorized to
Monis Khan, Michał Sochoń (2)
9/16/22
[Security Advisory] CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)
my eyes On Fri, 16 Sept 2022 at 21:38, Monis Khan <i...@monis.app> wrote: > > Hello
Pushkar Joglekar
9/15/22
[Security Advisory] CVE-2021-25749: runAsNonRoot logic bypass for Windows containers
Hello Kubernetes Community, A security issue was discovered in Kubernetes that could allow Windows
Priyanka Makhija
8/5/22
Report OS Vulnerability with external-dns image
Hi Team, I am trying to use external-dns in my organisation. It is a compliance mandate to scan the
Jesire Belleza, Luke Hinds (2)
8/3/22
external-dns vulnerability
Hi Jesire I already replied to this in a different thread, pasting my reply here; Thanks for letting
Jesire Belleza, Luke Hinds (2)
8/1/22
external-dns vulnerability finding
Hi Jesire, Thanks for letting us know. As this is an indirect dependency (you don't use jwt
Hausler, Micah
7/11/22
[Security Advisory] CVE-2022-2385: AccessKeyID validation bypass
Hello Kubernetes Community, A security issue was discovered in aws-iam-authenticator where an allow-
CJ Cullen, Red Hat Product Security (2)
6/15/22
[Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be bypassed with newline character
Hello! INC2245575 ([Security Advisory] CVE-2021-25748: Ingress-nginx `path` sanitization can be
Jonathan Bonami-McRae
5/16/22
ingress-nginx-v1.2.0 potential vulnerability
Hello, We're running ingress-nginx v1.2.0 and are showing the following vulnerabilities when
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25746: Ingress-nginx directive injection via annotations
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
CJ Cullen
4/22/22
[Security Advisory] CVE-2021-25745: Ingress-nginx `path` can be pointed to service account token file
Issue Details A security issue was discovered in ingress-nginx where a user that can create or update
王韵, 樊尚享 (4)
3/14/22
How to fix IP Forwarding issue in K8s env
Hi, For security guideline of Kubernetes cluster, please refer to CIS Kubernetes Benchmarks (