漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Nodes can bypass dynamic resource allocation authorization checks
Vulnerability Description
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
输入验证不恰当
Vulnerability Title
Kubernetes 安全漏洞
Vulnerability Description
Kubernetes(K8s)是Kubernetes开源的一个开源系统,用于自动部署、扩展和管理容器化应用程序。 Kubernetes存在安全漏洞,该漏洞源于NodeRestriction准入控制器动态资源分配授权检查不足,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A