Vulnerabilities > Kubernetes > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-5528 | A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. | 8.8 |
2023-11-03 | CVE-2022-3172 | Server-Side Request Forgery (SSRF) vulnerability in Kubernetes Apiserver A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. | 8.2 |
2023-11-03 | CVE-2023-3893 | Unspecified vulnerability in Kubernetes CSI Proxy A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. | 8.8 |
2023-10-31 | CVE-2023-3676 | Improper Input Validation vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. | 8.8 |
2023-10-31 | CVE-2023-3955 | Improper Input Validation vulnerability in Kubernetes A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. | 8.8 |
2023-10-25 | CVE-2023-5043 | Injection vulnerability in Kubernetes Ingress-Nginx Ingress nginx annotation injection causes arbitrary command execution. | 8.8 |
2023-10-25 | CVE-2023-5044 | Code Injection vulnerability in Kubernetes Ingress-Nginx Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation. | 8.8 |
2023-10-12 | CVE-2023-1943 | Unspecified vulnerability in Kubernetes Operations Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode. low complexity kubernetes | 8.8 |
2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |
2023-09-24 | CVE-2023-1260 | An authentication bypass vulnerability was discovered in kube-apiserver. | 8.0 |