Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes 1.15.0 vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and...
Kubernetes Kubernetes
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Policy 1.15.0
14 Github repositories
1 Article
3.3
CVSSv2
CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API ty...
Kubernetes Kubernetes
Fedoraproject Fedora 32
6.4
CVSSv2
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and co...
Kubernetes Kubernetes 1.13.0
Kubernetes Kubernetes 1.13.3
Kubernetes Kubernetes 1.13.4
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.13.7
Kubernetes Kubernetes 1.14.0
Kubernetes Kubernetes 1.14.3
Kubernetes Kubernetes 1.15.0
Kubernetes Kubernetes 1.13.1
Kubernetes Kubernetes 1.13.2
Kubernetes Kubernetes 1.13.5
Kubernetes Kubernetes 1.14.1
Kubernetes Kubernetes 1.14.2
Kubernetes Kubernetes
Kubernetes Kubernetes 1.13.8
Kubernetes Kubernetes 1.14.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started