Kubernetes

Kubernetes

62 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2025-5187

  • EPSS 0.02%
  • Veröffentlicht 27.08.2025 16:20:56
  • Zuletzt bearbeitet 29.08.2025 16:24:09

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference re...

2.7

CVE-2025-4563

  • EPSS 0.03%
  • Veröffentlicht 23.06.2025 15:38:42
  • Zuletzt bearbeitet 23.06.2025 20:16:21

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim s...

3.1

CVE-2024-7598

  • EPSS 0.01%
  • Veröffentlicht 20.03.2025 16:52:57
  • Zuletzt bearbeitet 20.03.2025 21:15:22

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not de...

6.2

CVE-2025-0426

  • EPSS 0.03%
  • Veröffentlicht 13.02.2025 16:16:48
  • Zuletzt bearbeitet 13.02.2025 17:17:19

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

6.1

CVE-2024-5321

  • EPSS 0.05%
  • Veröffentlicht 18.07.2024 19:15:12
  • Zuletzt bearbeitet 21.11.2024 09:47:25

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

2.7

CVE-2024-3177

  • EPSS 6.4%
  • Veröffentlicht 22.04.2024 23:15:51
  • Zuletzt bearbeitet 21.11.2024 09:29:05

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with ...

8.8

CVE-2023-5528

  • EPSS 20.32%
  • Veröffentlicht 14.11.2023 21:15:14
  • Zuletzt bearbeitet 03.01.2025 19:42:12

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree sto...

8.8

CVE-2023-3955

Exploit
  • EPSS 0.79%
  • Veröffentlicht 31.10.2023 21:15:08
  • Zuletzt bearbeitet 13.02.2025 17:17:00

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

8.8

CVE-2023-3676

Exploit
  • EPSS 35.69%
  • Veröffentlicht 31.10.2023 21:15:08
  • Zuletzt bearbeitet 13.02.2025 17:16:58

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

6.3

CVE-2021-25736

  • EPSS 0.12%
  • Veröffentlicht 30.10.2023 03:15:07
  • Zuletzt bearbeitet 12.06.2025 15:15:27

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. C...