Vulnerabilities > Kubernetes > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-05 | CVE-2018-1002101 | Unspecified vulnerability in Kubernetes In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection. | 7.5 |
| 2018-09-10 | CVE-2016-7075 | Improper Certificate Validation vulnerability in multiple products It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. | 8.1 |
| 2017-07-17 | CVE-2017-1000056 | Missing Authorization vulnerability in Kubernetes Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object. | 7.5 |
| 2016-02-03 | CVE-2016-1905 | Improper Access Control vulnerability in Kubernetes The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. | 7.7 |