cbcvebase.

K8S.Io Kubernetes vulnerabilities

50 known vulnerabilities affecting k8s.io/kubernetes.

Total CVEs
50
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH10MEDIUM27LOW5UNKNOWN7

Vulnerabilities

Page 2 of 3
CVE-2020-8559P3MEDIUM≥ 0, < 1.16.13≥ 1.17.0, < 1.17.9+1 more2024-04-24
CVE-2020-8559 [MEDIUM] CWE-601 Privilege Escalation in Kubernetes Privilege Escalation in Kubernetes The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.7 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
ghsaosv
CVE-2015-5305P3MEDIUM≥ 0, < 1.1.12022-02-15
CVE-2015-5305 [MEDIUM] CWE-22 Directory Traversal in Kubernetes Directory Traversal in Kubernetes Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd.
ghsaosv
CVE-2023-2727P3MEDIUM≥ 1.27.0, < 1.27.3≥ 1.26.0, < 1.26.6+2 more2023-07-03
CVE-2023-2727 [MEDIUM] CWE-20 kube-apiserver vulnerable to policy bypass kube-apiserver vulnerable to policy bypass Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
ghsaosv
CVE-2025-5187P3MEDIUM≥ 0, < 1.31.12≥ 1.32.0-alpha.0, < 1.32.8+1 more2025-08-27
CVE-2025-5187 [MEDIUM] CWE-863 Kubernetes Nodes can delete themselves by adding an OwnerReference Kubernetes Nodes can delete themselves by adding an OwnerReference A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be dele
ghsaosv
CVE-2025-13281P3MEDIUM≥ 0, < 1.32.10≥ 1.33.0-alpha.0, < 1.33.6+1 more2025-12-15
CVE-2025-13281 [MEDIUM] CWE-918 kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClass kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClass A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected
ghsaosv
CVE-2019-1002101P4MEDIUM≥ 0, < 1.11.9≥ 1.12.0, < 1.12.7+1 more2022-02-15
CVE-2019-1002101 [MEDIUM] CWE-59 Symlink Attack in kubectl cp Symlink Attack in kubectl cp The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on
ghsaosv
CVE-2021-25736P4MEDIUM≥ 0, < 1.212023-10-30
CVE-2021-25736 [MEDIUM] Kube-proxy may unintentionally forward traffic Kube-proxy may unintentionally forward traffic Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters where the LoadBalancer controller sets the `status.loadBalancer.ingress[].ip` field are unaffected.
ghsaosv
CVE-2025-1767P4MEDIUM≥ 0, ≤ 1.32.32025-03-13
CVE-2025-1767 [MEDIUM] CWE-20 Kubernetes GitRepo Volume Inadvertent Local Repository Access Kubernetes GitRepo Volume Inadvertent Local Repository Access A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the sam
ghsaosv
CVE-2019-11251P4MEDIUM≥ 1.13.10, < 1.13.11≥ 1.14.6, < 1.14.7+1 more2021-05-18
CVE-2019-11251 [MEDIUM] CWE-59 Kubernetes kubectl cp Vulnerable to Symlink Attack Kubernetes kubectl cp Vulnerable to Symlink Attack The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink,
ghsaosv
CVE-2024-9042P4MEDIUM≥ 0, < 1.29.13≥ 1.30.0-alpha.0, < 1.30.9+2 more2025-03-13
CVE-2024-9042 [MEDIUM] CWE-20 Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API A security vulnerability has been discovered in Kubernetes windows nodes that could allow a user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host. This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is runni
ghsaosv
CVE-2018-1002100P4MEDIUM≥ 1.5.0-alpha.0, < 1.9.62022-05-13
CVE-2018-1002100 [MEDIUM] CWE-20 Kubernetes arbitrary file overwrite Kubernetes arbitrary file overwrite In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.
ghsaosv
CVE-2020-8551P4MEDIUM≥ 1.15.0, < 1.15.10≥ 1.16.0, < 1.16.6+1 more2022-02-15
CVE-2020-8551 [MEDIUM] CWE-770 Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authentica
ghsaosv
CVE-2017-1002102P4MEDIUM≥ 1.3.0, < 1.7.14≥ 1.8.0, < 1.8.9+1 more2022-05-13
CVE-2017-1002102 [MEDIUM] CWE-284 Kubernetes arbitrary file overwrite Kubernetes arbitrary file overwrite In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.
ghsaosv
CVE-2024-5321P4HIGH≥ 0, < 1.27.16≥ 1.28.0, < 1.28.12+2 more2024-07-18
CVE-2024-5321 [HIGH] CWE-276 Kubernetes sets incorrect permissions on Windows containers logs Kubernetes sets incorrect permissions on Windows containers logs A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
ghsaosv
CVE-2020-8565P4MEDIUM≥ 0, < 1.20.0-alpha.22023-02-06
CVE-2020-8565 [MEDIUM] CWE-532 Kubernetes client-go vulnerable to Sensitive Information Leak via Log File Kubernetes client-go vulnerable to Sensitive Information Leak via Log File In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.5, <= v1.18.13, <= v1.17.15, < v1.20.0-alpha2.
ghsaosv
CVE-2023-2431P4MEDIUM≥ 0, < 1.24.14≥ 1.25.0, < 1.25.10+2 more2023-06-16
CVE-2023-2431 [MEDIUM] CWE-1287 Kubelet vulnerable to bypass of seccomp profile enforcement Kubelet vulnerable to bypass of seccomp profile enforcement A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.
ghsaosv
CVE-2020-8566P4UNKNOWN≥ 0, < 1.17.13≥ 1.18.0, < 1.18.10+1 more2024-06-04
CVE-2020-8566 Sensitive Information leak for users of Ceph RBD via Log File in k8s.io/kubernetes Sensitive Information leak for users of Ceph RBD via Log File in k8s.io/kubernetes Sensitive Information leak for users of Ceph RBD via Log File in k8s.io/kubernetes
osv
CVE-2020-8557P4UNKNOWN≥ 1.1.0, < 1.16.13≥ 1.17.0, < 1.17.9+1 more2024-06-10
CVE-2020-8557 Denial of service in Kubernetes in k8s.io/kubernetes Denial of service in Kubernetes in k8s.io/kubernetes Denial of service in Kubernetes in k8s.io/kubernetes
osv
CVE-2020-8563P4UNKNOWN≥ 0, < 1.19.32024-06-05
CVE-2020-8563 Sensitive Information leak for VSphere users via Log File in k8s.io/kubernetes Sensitive Information leak for VSphere users via Log File in k8s.io/kubernetes Sensitive Information leak for VSphere users via Log File in k8s.io/kubernetes
osv
CVE-2020-8564P4MEDIUM≥ 0, < 1.20.0-alpha.12023-02-06
CVE-2020-8564 [MEDIUM] CWE-532 Kubernetes Sensitive Information leak via Log File Kubernetes Sensitive Information leak via Log File In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13.
ghsaosv
K8S.Io Kubernetes vulnerabilities | cvebase