Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

kubernetes kubernetes 1.13.6 vulnerabilities and exploits

(subscribe to this query)
4.6
CVSSv2
CVE-2019-11245
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the ...
Kubernetes Kubernetes 1.13.6Kubernetes Kubernetes 1.14.2
5
CVSSv2
CVE-2019-9946
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which ...
Kubernetes KubernetesKubernetes Kubernetes 1.13.6Kubernetes Kubernetes 1.14.0Cncf PortmapNetapp Cloud Insights -
6.4
CVSSv2
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and co...
Kubernetes Kubernetes 1.13.0Kubernetes Kubernetes 1.13.3Kubernetes Kubernetes 1.13.4Kubernetes Kubernetes 1.13.6Kubernetes Kubernetes 1.13.7Kubernetes Kubernetes 1.14.0Kubernetes Kubernetes 1.14.3Kubernetes Kubernetes 1.15.0Kubernetes Kubernetes 1.13.1Kubernetes Kubernetes 1.13.2Kubernetes Kubernetes 1.13.5Kubernetes Kubernetes 1.14.1Kubernetes Kubernetes 1.14.2Kubernetes KubernetesKubernetes Kubernetes 1.13.8Kubernetes Kubernetes 1.14.4
4.3
CVSSv2
CVE-2019-11246
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary...
Kubernetes KubernetesKubernetes Kubernetes 1.12.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook