Vulnerabilities > Kubernetes
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-01 | CVE-2020-8562 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Kubernetes As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. | 3.5 |
| 2022-01-07 | CVE-2021-25743 | Unspecified vulnerability in Kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. | 2.1 |
| 2021-10-29 | CVE-2021-25742 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster. | 5.5 |
| 2021-10-11 | CVE-2021-25738 | Deserialization of Untrusted Data vulnerability in Kubernetes Java Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. | 6.7 |
| 2021-09-20 | CVE-2020-8561 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Kubernetes 1.20.11/1.21.5/1.22.2 A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. | 4.0 |
| 2021-09-20 | CVE-2021-25740 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Kubernetes A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. | 3.5 |
| 2021-09-20 | CVE-2021-25741 | Files or Directories Accessible to External Parties vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | 5.5 |
| 2021-09-06 | CVE-2021-25735 | Unspecified vulnerability in Kubernetes A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. | 6.5 |
| 2021-09-06 | CVE-2021-25737 | Open Redirect vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. | 4.9 |
| 2021-01-21 | CVE-2020-8570 | Path Traversal vulnerability in Kubernetes Java Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. | 9.1 |