| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2020-2309 | CloudBees Jenkins 权限许可和访问控制问题漏洞 | Jenkins project | Jenkins Kubernetes Plugin | 中危 | - | 2020-11-04 14:35:40 | Deep Dive |
| CVE-2020-8553 | Kubernetes ingress-nginx Compromise of auth via subset/superset namespace names | Kubernetes | ingress-nginx | Medium | 5.9 | 2020-07-29 14:53:32 | Deep Dive |
| CVE-2020-8558 | Kubernetes node setting allows for neighboring hosts to bypass localhost boundary | Kubernetes | Kubernetes | Medium | 5.4 | 2020-07-27 19:55:19 | Deep Dive |
| CVE-2020-8557 | Kubernetes node disk Denial of Service by writing to container /etc/hosts | Kubernetes | Kubernetes | Medium | 5.5 | 2020-07-23 16:59:39 | Deep Dive |
| CVE-2019-11252 | Credential leakage when failing to mount | Kubernetes | Kubernetes | Medium | 5.9 | 2020-07-23 14:47:38 | Deep Dive |
| CVE-2020-8559 | Privilege escalation from compromised node to cluster | Kubernetes | Kubernetes | Medium | 6.4 | 2020-07-22 13:47:09 | Deep Dive |
| CVE-2020-2211 | CloudBees Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 代码问题漏洞 | Jenkins project | Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin | 高危 | - | 2020-07-02 14:55:37 | Deep Dive |
| CVE-2020-8555 | Kubernetes kube-controller-manager SSRF | Kubernetes | Kubernetes | Medium | 6.3 | 2020-06-04 21:50:12 | Deep Dive |
| CVE-2020-7010 | Elastic Cloud on Kubernetes 安全漏洞 | Elastic | Elastic Cloud on Kubernetes | 高危 | - | 2020-06-03 17:55:42 | Deep Dive |
| CVE-2020-7922 | Kubernetes Operator generates potentially insecure certificates | MongoDB Inc. | MongoDB Enterprise Kubernetes Operator | Medium | 6.4 | 2020-04-09 17:35:12 | Deep Dive |
| CVE-2019-11254 | Kubernetes API Server denial of service vulnerability from malicious YAML payloads | Kubernetes | Kubernetes | Medium | 6.5 | 2020-04-01 20:30:16 | Deep Dive |
| CVE-2020-8552 | Kubernetes API server denial of service | Kubernetes | Kubernetes | Medium | 5.3 | 2020-03-27 14:25:15 | Deep Dive |
| CVE-2020-8551 | Kubernetes kubelet denial of service | Kubernetes | Kubernetes | Medium | 4.3 | 2020-03-27 14:25:14 | Deep Dive |
| CVE-2020-2121 | CloudBees Jenkins Google Kubernetes Engine Plugin 代码问题漏洞 | Jenkins project | Jenkins Google Kubernetes Engine Plugin | 高危 | - | 2020-02-12 14:35:45 | Deep Dive |
| CVE-2019-11251 | kubectl cp allows symlink directory traversal | Kubernetes | Kubernetes | Medium | 4.8 | 2020-02-03 15:35:13 | Deep Dive |
| CVE-2018-1002104 | Kubernetes 输入验证错误漏洞 | Kubernetes | k8s.gcr.io/defaultbackend | Medium | 5.3 | 2020-01-14 20:15:17 | Deep Dive |
| CVE-2019-16576 | CloudBees Jenkins Alauda Kubernetes Suport插件授权问题漏洞 | Jenkins project | Jenkins Alauda Kubernetes Suport Plugin | 中危 | - | 2019-12-17 14:40:57 | Deep Dive |
| CVE-2019-16575 | CloudBees Jenkins Alauda Kubernetes Suport Plugin 跨站请求伪造漏洞 | Jenkins project | Jenkins Alauda Kubernetes Suport Plugin | 高危 | - | 2019-12-17 14:40:56 | Deep Dive |
| CVE-2019-11255 | Kubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation | Kubernetes | kubernetes-csi external-provisioner | Medium | 4.8 | 2019-12-05 16:05:19 | Deep Dive |
| CVE-2018-1002102 | Kubernetes API server follows unvalidated redirects from streaming Kubelet endpoints | Kubernetes | Kubernetes | Low | 2.6 | 2019-12-05 16:05:18 | Deep Dive |