| CVE-2021-25741 |
high |
— |
8.0 |
|
|
|
5y ago |
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host file… |
| CVE-2015-5305 |
medium |
— |
6.4 |
|
|
|
11y ago |
Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handle… |
| CVE-2020-8554 |
medium |
6.3 |
6.3 |
|
|
|
4y ago |
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacke… |
| CVE-2021-25735 |
medium |
— |
5.5 |
|
|
|
5y ago |
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Adm… |
| CVE-2020-8561 |
medium |
4.1 |
4.1 |
|
|
|
5y ago |
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver re… |
