Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-1000187
A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs.
Jenkins Kubernetes
7.5
CVSSv3
CVE-2018-18264
Kubernetes Dashboard prior to 1.10.1 allows malicious users to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
Kubernetes Dashboard
6.7
CVSSv3
CVE-2021-25738
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
Kubernetes Java
9.1
CVSSv3
CVE-2020-8570
Kubernetes Java client libraries in version 10.0.0 and versions before 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of t...
Kubernetes Java
4.3
CVSSv3
CVE-2020-2308
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to list global pod template names.
Jenkins Kubernetes
8.8
CVSSv3
CVE-2023-1943
Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode.
Kubernetes Operations
7.8
CVSSv3
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password.
Kubernetes Minikube
4.3
CVSSv3
CVE-2020-2309
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Kubernetes
7.5
CVSSv3
CVE-2023-30513
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Jenkins Kubernetes
5
CVSSv3
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »