Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes 1.14.2 vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2019-11245
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the ...
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.14.2
1 Github repository
573
VMScore
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and co...
Kubernetes Kubernetes 1.13.0
Kubernetes Kubernetes 1.13.3
Kubernetes Kubernetes 1.13.4
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.13.7
Kubernetes Kubernetes 1.14.0
Kubernetes Kubernetes 1.14.3
Kubernetes Kubernetes 1.15.0
Kubernetes Kubernetes 1.13.1
Kubernetes Kubernetes 1.13.2
Kubernetes Kubernetes 1.13.5
Kubernetes Kubernetes 1.14.1
Kubernetes Kubernetes 1.14.2
Kubernetes Kubernetes
Kubernetes Kubernetes 1.13.8
Kubernetes Kubernetes 1.14.4
384
VMScore
CVE-2019-11246
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary...
Kubernetes Kubernetes
Kubernetes Kubernetes 1.12.11
2 Github repositories
NA
CVE-2023-39347
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-pr...
Cilium Cilium
NA
CVE-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy en...
Cilium Cilium
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started