Kubernetes
by Cri O
Source repositories
CVEs (74)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13281 | Med | 0.31 | 5.8 | 0.00 | Dec 14, 2025 | A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network… | ||
| CVE-2024-9042 | Med | 0.31 | 5.9 | 0.01 | Mar 13, 2025 | This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below. | ||
| CVE-2015-7528 | Med | 0.28 | 5.3 | 0.02 | Apr 11, 2016 | Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name. | ||
| CVE-2020-8561 | Med | 0.27 | 4.1 | 0.02 | Sep 20, 2021 | A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view… | ||
| CVE-2018-1002100 | Med | 0.27 | 4.2 | 0.02 | Jun 2, 2018 | In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files. | ||
| CVE-2026-24513 | Low | 0.20 | 3.1 | 0.00 | Feb 3, 2026 | A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration… | ||
| CVE-2024-7598 | Low | 0.20 | 3.1 | 0.00 | Mar 20, 2025 | A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for… | ||
| CVE-2021-25740 | Low | 0.20 | 3.1 | 0.02 | Sep 20, 2021 | A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. | ||
| CVE-2020-8562 | Low | 0.14 | 2.2 | 0.01 | Feb 1, 2022 | As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation… | ||
| CVE-2015-7561 | Low | 0.13 | 3.1 | 0.01 | Aug 7, 2017 | Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image. | ||
| CVE-2025-4563 | Low | 0.11 | 2.7 | 0.01 | Jun 23, 2025 | A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status… | ||
| CVE-2024-3177 | Low | 0.11 | 2.7 | 0.02 | Apr 22, 2024 | A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.… | ||
| CVE-2019-11248 | 0.07 | — | 0.61 | Aug 29, 2019 | The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and… | |||
| CVE-2021-25741 | 0.03 | — | 0.07 | Sep 20, 2021 | A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. | |||
| CVE-2018-1002105 | 0.03 | — | 0.87 | Dec 5, 2018 | In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then… | |||
| CVE-2020-8558 | 0.02 | — | 0.04 | Jul 27, 2020 | The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a… | |||
| CVE-2019-11253 | 0.02 | — | 0.26 | Oct 17, 2019 | Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially… | |||
| CVE-2022-3172 | 0.00 | — | 0.02 | Nov 3, 2023 | A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. | |||
| CVE-2021-25736 | 0.00 | — | 0.01 | Oct 30, 2023 | Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the… | |||
| CVE-2023-2728 | 0.00 | — | 0.02 | Jul 3, 2023 | Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s… |
- risk 0.31cvss 5.8epss 0.00
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network…
- risk 0.31cvss 5.9epss 0.01
This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.
- risk 0.28cvss 5.3epss 0.02
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
- risk 0.27cvss 4.1epss 0.02
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view…
- risk 0.27cvss 4.2epss 0.02
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.
- risk 0.20cvss 3.1epss 0.00
A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration…
- risk 0.20cvss 3.1epss 0.00
A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for…
- risk 0.20cvss 3.1epss 0.02
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
- risk 0.14cvss 2.2epss 0.01
As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation…
- risk 0.13cvss 3.1epss 0.01
Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
- risk 0.11cvss 2.7epss 0.01
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status…
- risk 0.11cvss 2.7epss 0.02
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.…
- CVE-2019-11248Aug 29, 2019risk 0.07cvss —epss 0.61
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and…
- CVE-2021-25741Sep 20, 2021risk 0.03cvss —epss 0.07
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.
- CVE-2018-1002105Dec 5, 2018risk 0.03cvss —epss 0.87
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then…
- CVE-2020-8558Jul 27, 2020risk 0.02cvss —epss 0.04
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a…
- CVE-2019-11253Oct 17, 2019risk 0.02cvss —epss 0.26
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially…
- CVE-2022-3172Nov 3, 2023risk 0.00cvss —epss 0.02
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties.
- CVE-2021-25736Oct 30, 2023risk 0.00cvss —epss 0.01
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the…
- CVE-2023-2728Jul 3, 2023risk 0.00cvss —epss 0.02
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s…
Page 2 of 4