Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-2309
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Kubernetes
356
VMScore
CVE-2020-2307
Jenkins Kubernetes Plugin 1.27.3 and previous versions allows low-privilege users to access possibly sensitive Jenkins controller environment variables.
Jenkins Kubernetes
606
VMScore
CVE-2018-1002103
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernet...
Kubernetes Minikube
2 Github repositories
NA
CVE-2023-30513
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Jenkins Kubernetes
570
VMScore
CVE-2020-8570
Kubernetes Java client libraries in version 10.0.0 and versions before 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of t...
Kubernetes Java
356
VMScore
CVE-2018-1999040
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and previous versions in KubernetesCloud.java that allows malicious users to capture credentials with a known credentials ID stored in Jenkins.
Jenkins Kubernetes
NA
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password.
Kubernetes Minikube
447
VMScore
CVE-2018-18264
Kubernetes Dashboard prior to 1.10.1 allows malicious users to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
Kubernetes Dashboard
356
VMScore
CVE-2021-21661
Jenkins Kubernetes CLI Plugin 1.10.0 and previous versions does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Kubernetes
1 Github repository
356
VMScore
CVE-2020-2308
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to list global pod template names.
Jenkins Kubernetes
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »