Kubernetes

Kubernetes

62 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2025-5187

  • EPSS 0.02%
  • Published 27.08.2025 16:20:56
  • Last modified 29.08.2025 16:24:09

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference re...

2.7

CVE-2025-4563

  • EPSS 0.03%
  • Published 23.06.2025 15:38:42
  • Last modified 23.06.2025 20:16:21

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim s...

3.1

CVE-2024-7598

  • EPSS 0.01%
  • Published 20.03.2025 16:52:57
  • Last modified 20.03.2025 21:15:22

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not de...

6.2

CVE-2025-0426

  • EPSS 0.03%
  • Published 13.02.2025 16:16:48
  • Last modified 13.02.2025 17:17:19

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

6.1

CVE-2024-5321

  • EPSS 0.05%
  • Published 18.07.2024 19:15:12
  • Last modified 21.11.2024 09:47:25

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

2.7

CVE-2024-3177

  • EPSS 6.4%
  • Published 22.04.2024 23:15:51
  • Last modified 21.11.2024 09:29:05

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with ...

8.8

CVE-2023-5528

  • EPSS 20.32%
  • Published 14.11.2023 21:15:14
  • Last modified 03.01.2025 19:42:12

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree sto...

8.8

CVE-2023-3955

Exploit
  • EPSS 0.79%
  • Published 31.10.2023 21:15:08
  • Last modified 13.02.2025 17:17:00

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

8.8

CVE-2023-3676

Exploit
  • EPSS 35.69%
  • Published 31.10.2023 21:15:08
  • Last modified 13.02.2025 17:16:58

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

6.3

CVE-2021-25736

  • EPSS 0.12%
  • Published 30.10.2023 03:15:07
  • Last modified 12.06.2025 15:15:27

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. C...