Kubernetes
CVE Severity Distribution (All Time)
Timeline Overview
Recent CVEs
View allThe Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11…
devtron is an open source tool integration platform for Kubernetes. In affected versions an authenticated user (with minimum permission) could utiliz…
A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server's public API endpoint can be exploited, a…
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build proc…
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build proc…
A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions`…
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Aut…
A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These to…
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the S…
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to ad…