Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes 1.13.6 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-11245
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the ...
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.14.2
1 Github repository
7.5
CVSSv3
CVE-2019-9946
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which ...
Kubernetes Kubernetes
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.14.0
Cncf Portmap
Netapp Cloud Insights -
1 Github repository
8.2
CVSSv3
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and co...
Kubernetes Kubernetes 1.13.0
Kubernetes Kubernetes 1.13.3
Kubernetes Kubernetes 1.13.4
Kubernetes Kubernetes 1.13.6
Kubernetes Kubernetes 1.13.7
Kubernetes Kubernetes 1.14.0
Kubernetes Kubernetes 1.14.3
Kubernetes Kubernetes 1.15.0
Kubernetes Kubernetes 1.13.1
Kubernetes Kubernetes 1.13.2
Kubernetes Kubernetes 1.13.5
Kubernetes Kubernetes 1.14.1
Kubernetes Kubernetes 1.14.2
Kubernetes Kubernetes
Kubernetes Kubernetes 1.13.8
Kubernetes Kubernetes 1.14.4
6.5
CVSSv3
CVE-2019-11246
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary...
Kubernetes Kubernetes
Kubernetes Kubernetes 1.12.11
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started