Vulnerabilities > Kubernetes > Kubernetes > 1.7.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-3676 | Improper Input Validation vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. | 8.8 |
| 2023-10-31 | CVE-2023-3955 | Improper Input Validation vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. | 8.8 |
| 2023-07-03 | CVE-2023-2727 | Unspecified vulnerability in Kubernetes Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. | 6.5 |
| 2023-07-03 | CVE-2023-2728 | Unspecified vulnerability in Kubernetes Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. | 6.5 |
| 2023-06-16 | CVE-2023-2431 | A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. | 5.5 |
| 2023-03-01 | CVE-2022-3162 | Path Traversal vulnerability in Kubernetes Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. | 6.5 |
| 2023-03-01 | CVE-2022-3294 | Unspecified vulnerability in Kubernetes Users may have access to secure endpoints in the control plane network. | 8.8 |
| 2022-02-01 | CVE-2020-8562 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Kubernetes As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. | 3.1 |
| 2022-01-07 | CVE-2021-25743 | Unspecified vulnerability in Kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. | 3.0 |
| 2021-09-20 | CVE-2021-25741 | Files or Directories Accessible to External Parties vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | 8.1 |