Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-2308
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to list global pod template names.
Jenkins Kubernetes
4
CVSSv2
CVE-2020-2309
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Kubernetes
4
CVSSv2
CVE-2020-2307
Jenkins Kubernetes Plugin 1.27.3 and previous versions allows low-privilege users to access possibly sensitive Jenkins controller environment variables.
Jenkins Kubernetes
4.6
CVSSv2
CVE-2021-25738
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
Kubernetes Java
NA
CVE-2023-30513
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Jenkins Kubernetes
4
CVSSv2
CVE-2021-21661
Jenkins Kubernetes CLI Plugin 1.10.0 and previous versions does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Kubernetes
1 Github repository
4
CVSSv2
CVE-2018-1000187
A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs.
Jenkins Kubernetes
4
CVSSv2
CVE-2018-1999040
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and previous versions in KubernetesCloud.java that allows malicious users to capture credentials with a known credentials ID stored in Jenkins.
Jenkins Kubernetes
6.8
CVSSv2
CVE-2018-1002103
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernet...
Kubernetes Minikube
2 Github repositories
1.9
CVSSv2
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »