apk package
chainguard/cluster-autoscaler-1.30
pkg:apk/chainguard/cluster-autoscaler-1.30
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5321 | Med | 6.1 | < 1.30.2-r1 | 1.30.2-r1 | Jul 18, 2024 | A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs. | |
| CVE-2024-24791 | Hig | 7.5 | < 1.30.1-r1 | 1.30.1-r1 | Jul 2, 2024 | The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co | |
| CVE-2024-35255 | — | < 1.30.3-r1 | 1.30.3-r1 | Jun 11, 2024 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
- affected < 1.30.2-r1fixed 1.30.2-r1
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
- affected < 1.30.1-r1fixed 1.30.1-r1
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co
- CVE-2024-35255Jun 11, 2024affected < 1.30.3-r1fixed 1.30.3-r1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Page 2 of 2