Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Network restriction bypass via race condition during namespace termination
Vulnerability Description
A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Vulnerability Title
Kubernetes 安全漏洞
Vulnerability Description
Kubernetes(K8s)是Kubernetes开源的一个开源系统,用于自动部署、扩展和管理容器化应用程序。 Kubernetes存在安全漏洞,该漏洞源于网络策略在命名空间删除期间可能被绕过,导致网络限制失效。
CVSS Information
N/A
Vulnerability Type
N/A