Critical severity9.8NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2017-1000056
CVE-2017-1000056
Description
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
k8s.io/kubernetesGo | >= 1.5.0, < 1.5.5 | 1.5.5 |
Affected products
7cpe:2.3:a:kubernetes:kubernetes:1.5.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:kubernetes:kubernetes:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:kubernetes:kubernetes:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:kubernetes:kubernetes:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:kubernetes:kubernetes:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:kubernetes:kubernetes:1.5.4:*:*:*:*:*:*:*
- ghsa-coords2 versions
>= 1.5.0, < 1.5.5+ 1 more
- (no CPE)range: >= 1.5.0, < 1.5.5
- (no CPE)range: < 0.0.20250807T150727-1.1
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-2jx2-76rc-2v7vghsaADVISORY
- github.com/kubernetes/kubernetes/issues/43459nvdMitigationThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-1000056ghsaADVISORY
- github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5eghsaWEB
News mentions
0No linked articles in our index yet.