DATE | CVE | VULNERABILITY TITLE AND DESCRIPTION | RISK |
---|---|---|---|
2021-09-20 | CVE-2021-25741 | Files or Directories Accessible to External Parties vulnerability in Kubernetes. A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | 8.1 |
2021-09-06 | CVE-2021-25735 | Unspecified vulnerability in Kubernetes. A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. | 6.5 |
2021-09-06 | CVE-2021-25737 | Open Redirect vulnerability in Kubernetes. A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. | 4.8 |
2021-01-21 | CVE-2020-8570 | Path Traversal vulnerability in Kubernetes Java. Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. | 9.1 |
2021-01-21 | CVE-2020-8569 | NULL Pointer Dereference vulnerability in Kubernetes Container Storage Interface Snapshotter. Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. | 6.5 |
2021-01-21 | CVE-2020-8568 | Path Traversal vulnerability in Kubernetes Secrets Store CSI Driver 0.0.15/0.0.16. Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. | 6.5 |
2021-01-21 | CVE-2020-8554 | Kubernetes API server in all versions allows an attacker who is able to create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address. | 5.0 |
2020-12-07 | CVE-2020-8566 | Information Exposure Through Log Files vulnerability in Kubernetes. In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. | 5.5 |
2020-12-07 | CVE-2020-8565 | Information Exposure Through Log Files vulnerability in Kubernetes. In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. | 5.5 |
2020-12-07 | CVE-2020-8564 | Information Exposure Through Log Files vulnerability in Kubernetes. In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. | 5.5 |