Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes csi proxy vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-3893
A security issue exists in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.
Kubernetes Csi Proxy 2.0.0
Kubernetes Csi Proxy
7.5
CVSSv3
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
5 Github repositories
7.5
CVSSv3
CVE-2022-23773
cmd/go in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
4 Github repositories
9.1
CVSSv3
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started