VYPR

rpm package

suse/kubernetes1.23&distro=SUSE Linux Enterprise Module for Containers 15 SP5

pkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP5

Vulnerabilities (6)

  • CVE-2024-0793HigNov 17, 2024
    affected < 1.23.17-150500.3.9.1fixed 1.23.17-150500.3.9.1

    A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.

  • CVE-2024-3177LowApr 22, 2024
    affected < 1.23.17-150500.3.12.1fixed 1.23.17-150500.3.12.1

    A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. T

  • CVE-2023-2728Jul 3, 2023
    affected < 1.23.17-150500.3.3.1fixed 1.23.17-150500.3.3.1

    Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s se

  • CVE-2023-2727Jul 3, 2023
    affected < 1.23.17-150500.3.3.1fixed 1.23.17-150500.3.3.1

    Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

  • CVE-2023-2431Jun 16, 2023
    affected < 1.23.17-150500.3.6.1fixed 1.23.17-150500.3.6.1

    A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in un

  • CVE-2021-25743Jan 7, 2022
    affected < 1.23.17-150500.3.15.1fixed 1.23.17-150500.3.15.1

    kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.