VYPR

apk package

wolfi/kubernetes-1.25

pkg:apk/wolfi/kubernetes-1.25

Vulnerabilities (4)

  • CVE-2016-7075HigSep 10, 2018
    affected < 0fixed 0

    It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

  • CVE-2015-7561LowAug 7, 2017
    affected < 0fixed 0

    Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.

  • CVE-2016-1906CriFeb 3, 2016
    affected < 0fixed 0

    Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

  • CVE-2016-1905HigFeb 3, 2016
    affected < 0fixed 0

    The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.