Vulnerabilities > Kubernetes > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-10 | CVE-2016-7075 | Improper Certificate Validation vulnerability in multiple products It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. | 8.1 |
2017-07-17 | CVE-2017-1000056 | Missing Authorization vulnerability in Kubernetes Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object. | 7.5 |
2016-02-03 | CVE-2016-1905 | Improper Access Control vulnerability in Kubernetes The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. | 7.7 |