Vulnerabilities > Kubernetes > Kubernetes > 1.12.10

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-5528 A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes.
network
low complexity
kubernetes fedoraproject
8.8
2023-10-31 CVE-2023-3676 Improper Input Validation vulnerability in Kubernetes
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes.
network
low complexity
kubernetes CWE-20
8.8
2023-10-31 CVE-2023-3955 Improper Input Validation vulnerability in Kubernetes
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes.
network
low complexity
kubernetes CWE-20
8.8
2023-07-03 CVE-2023-2727 Unspecified vulnerability in Kubernetes
Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers.
network
low complexity
kubernetes
6.5
2023-07-03 CVE-2023-2728 Unspecified vulnerability in Kubernetes
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers.
network
low complexity
kubernetes
6.5
2023-06-16 CVE-2023-2431 A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement.
local
low complexity
kubernetes fedoraproject
5.5
2023-03-01 CVE-2022-3162 Path Traversal vulnerability in Kubernetes
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization.
network
low complexity
kubernetes CWE-22
6.5
2023-03-01 CVE-2022-3294 Unspecified vulnerability in Kubernetes
Users may have access to secure endpoints in the control plane network.
network
low complexity
kubernetes
8.8
2022-02-01 CVE-2020-8562 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Kubernetes
As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers.
3.5
2022-01-07 CVE-2021-25743 Unspecified vulnerability in Kubernetes
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal.
network
high complexity
kubernetes
2.1