Kubernetes vulnerabilities: Low risk

DATE CVE VULNERABILITY TITLE RISK
2022-02-01 CVE-2020-8562 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Kubernetes
As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers.
Risk: 3.5

2022-01-07 CVE-2021-25743 Unspecified vulnerability in Kubernetes
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal.
network, high complexity, kubernetes
Risk: 2.1

2021-09-20 CVE-2021-25740 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Kubernetes
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
Risk: 3.5

2020-12-07 CVE-2020-8563 Information Exposure Through Log Files vulnerability in Kubernetes
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log.
local, low complexity, kubernetes CWE-532
Risk: 2.1

2020-12-07 CVE-2020-8564 Information Exposure Through Log Files vulnerability in Kubernetes
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials.
local, low complexity, kubernetes CWE-532
Risk: 2.1

2020-12-07 CVE-2020-8565 Information Exposure Through Log Files vulnerability in Kubernetes
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files.
local, low complexity, kubernetes CWE-532
Risk: 2.1

2020-12-07 CVE-2020-8566 Information Exposure Through Log Files vulnerability in Kubernetes
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs.
local, low complexity, kubernetes CWE-532
Risk: 2.1

2019-12-05 CVE-2018-1002102 Open Redirect vulnerability in multiple products
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts.
network, high complexity, kubernetes fedoraproject CWE-601
Risk: 2.6

2019-08-29 CVE-2019-11250 Information Exposure Through Log Files vulnerability in multiple products
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher.
Risk: 3.5

2019-04-22 CVE-2019-11244 Permissions, Privileges, and Access Controls vulnerability in Kubernetes
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-).
Risk: 1.9