VYPR

apk package

wolfi/kubernetes-csi-external-provisioner

pkg:apk/wolfi/kubernetes-csi-external-provisioner

Vulnerabilities (63)

  • CVE-2023-3978Aug 2, 2023
    affected < 3.6.0-r3fixed 3.6.0-r3

    Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

  • CVE-2020-8552Mar 27, 2020
    affected < 0fixed 0

    The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.

  • CVE-2019-11255Dec 5, 2019
    affected < 4.0.1-r1fixed 4.0.1-r1

    Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized PersistentVolume data access o

Page 4 of 4