Vulnerabilities > Kubernetes > Kubernetes > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-30 | CVE-2021-25736 | Unspecified vulnerability in Kubernetes. Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. | 6.3 |
2023-07-03 | CVE-2023-2727 | Unspecified vulnerability in Kubernetes. Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. | 6.5 |
2023-07-03 | CVE-2023-2728 | Unspecified vulnerability in Kubernetes. Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. | 6.5 |
2023-06-16 | CVE-2023-2431 | A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. | 5.5 |
2023-03-01 | CVE-2022-3162 | Path Traversal vulnerability in Kubernetes. Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. | 6.5 |
2021-09-20 | CVE-2020-8561 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Kubernetes 1.20.11/1.21.5/1.22.2. A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. | 4.0 |
2021-09-20 | CVE-2021-25741 | Files or Directories Accessible to External Parties vulnerability in Kubernetes. A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | 5.5 |
2021-09-06 | CVE-2021-25735 | Unspecified vulnerability in Kubernetes. A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. | 6.5 |
2021-09-06 | CVE-2021-25737 | Open Redirect vulnerability in Kubernetes. A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. | 4.9 |
2021-01-21 | CVE-2020-8554 | Kubernetes API server in all versions allows an attacker who is able to create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address. | 5.0 |