Skip to content

Issues: mostafahussein/kubernetes-sec-alert

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

142 Open 0 Closed
142 Open 0 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin cve-2024-3177
#142 opened May 7, 2024 by k8s-sec-alert
CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes cve-2023-5528
#141 opened May 7, 2024 by k8s-sec-alert
CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation cve-2023-3955
#140 opened May 7, 2024 by k8s-sec-alert
CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation cve-2023-3893
#139 opened May 7, 2024 by k8s-sec-alert
CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation cve-2023-3676
#138 opened May 7, 2024 by k8s-sec-alert
CVE-2023-2878: secrets-store-csi-driver discloses service account tokens in logs cve-2023-2878
#137 opened May 7, 2024 by k8s-sec-alert
CVE-2023-2431: Bypass of seccomp profile enforcement cve-2023-2431
#136 opened May 7, 2024 by k8s-sec-alert
CVE-2022-3294: Node address isn't always verified when proxying cve-2022-3294
#135 opened May 7, 2024 by k8s-sec-alert
CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF) cve-2022-3172
#134 opened May 7, 2024 by k8s-sec-alert
CVE-2022-3162: Unauthorized read of Custom Resources cve-2022-3162
#133 opened May 7, 2024 by k8s-sec-alert
CVE-2021-3121: Processes may panic upon receipt of malicious protobuf messages cve-2021-3121
#132 opened May 7, 2024 by k8s-sec-alert
CVE-2021-25749: runAsNonRoot logic bypass for Windows containers cve-2021-25749
#131 opened May 7, 2024 by k8s-sec-alert
CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access cve-2021-25741
#130 opened May 7, 2024 by k8s-sec-alert
CVE-2021-25737: Holes in EndpointSlice Validation Enable Host Network Hijack cve-2021-25737
#129 opened May 7, 2024 by k8s-sec-alert
CVE-2021-25735: Validating Admission Webhook does not observe some previous fields cve-2021-25735
#128 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8566: Ceph RBD adminSecrets exposed in logs when loglevel >= 4 cve-2020-8566
#127 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8565: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9 cve-2020-8565
#126 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8564: Docker config secrets leaked when file is malformed and log level >= 4 cve-2020-8564
#125 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8563: Secret leaks in kube-controller-manager when using vSphere provider cve-2020-8563
#124 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8559: Privilege escalation from compromised node to cluster cve-2020-8559
#123 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8558: Node setting allows for neighboring hosts to bypass localhost boundary cve-2020-8558
#122 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8557: Node disk DOS by writing to container /etc/hosts cve-2020-8557
#121 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8555: Half-Blind SSRF in kube-controller-manager cve-2020-8555
#120 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs cve-2020-8554
#119 opened May 7, 2024 by k8s-sec-alert
CVE-2020-8552: apiserver DoS (oom) cve-2020-8552
#118 opened May 7, 2024 by k8s-sec-alert
ProTip! Find all open issues with in progress development work with linked:pr.