Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kubernetes — Vulnerabilities & Security Advisories 52

All 52 CVE vulnerabilities found in Kubernetes, with AI-generated Chinese analysis, references, and POCs.

Vendor: Kubernetes

CVE IDTitleCVSSSeverityPublished
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager CWE-918 5.8 Medium2025-12-14
CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference CWE-863 6.7 Medium2025-08-27
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks CWE-20 2.7 Low2025-06-23
CVE-2024-5321 Incorrect permissions on Windows containers logs CWE-276 6.1 Medium2024-07-18
CVE-2024-3177 Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin CWE-20 2.7 Low2024-04-22
CVE-2021-25736 Windows kube-proxy LoadBalancer contention 5.8 Medium2023-10-30
CVE-2022-3248 Openshift api admission checks does not enforce "custom-host" permissions CWE-863 4.4 Medium2023-10-05
CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin CWE-20 6.5 Medium2023-07-03
CVE-2023-2727 Bypassing policies imposed by the ImagePolicyWebhook admission plugin CWE-20 6.5 Medium2023-07-03
CVE-2023-2431 Bypass of seccomp profile enforcement CWE-1287 3.4 Low2023-06-16
CVE-2021-25749 runAsNonRoot logic bypass for Windows containers CWE-284 7.8 High2023-05-24
CVE-2022-3162 Unauthorized read of Custom Resources CWE-23 6.5 Medium2023-03-01
CVE-2022-3294 Node address isn't always verified when proxying CWE-20 6.6 Medium2023-03-01
CVE-2020-8562 Bypass of Kubernetes API Server proxy TOCTOU CWE-367 2.2 Low2022-02-01
CVE-2021-25743 ANSI escape characters in kubectl output are not being filtered CWE-150 3.0 Low2022-01-07
CVE-2021-25741 Symlink Exchange Can Allow Host Filesystem Access CWE-20 8.8 High2021-09-20
CVE-2021-25740 Holes in EndpointSlice Validation Enable Host Network Hijack CWE-441 3.1 Low2021-09-20
CVE-2020-8561 Webhook redirect in kube-apiserver CWE-441 4.1 Medium2021-09-20
CVE-2021-25737 Holes in EndpointSlice Validation Enable Host Network Hijack CWE-184 2.7 Low2021-09-06
CVE-2021-25735 Validating Admission Webhook does not observe some previous fields CWE-372 6.5 Medium2021-09-06
CVE-2020-8554 Kubernetes man in the middle using LoadBalancer or ExternalIPs CWE-283 6.3 Medium2021-01-21
CVE-2020-8563 Secret leaks in logs for vSphere Provider kube-controller-manager CWE-532 4.7 Medium2020-12-07
CVE-2020-8564 Docker config secrets leaked when file is malformed and loglevel >= 4 CWE-532 4.7 Medium2020-12-07
CVE-2020-8565 Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9 CWE-532 4.7 Medium2020-12-07
CVE-2020-8566 Ceph RBD adminSecrets exposed in logs when loglevel >= 4 CWE-532 4.7 Medium2020-12-07
CVE-2020-8558 Kubernetes node setting allows for neighboring hosts to bypass localhost boundary CWE-420 5.4 Medium2020-07-27
CVE-2020-8557 Kubernetes node disk Denial of Service by writing to container /etc/hosts CWE-400 5.5 Medium2020-07-23
CVE-2019-11252 Credential leakage when failing to mount CWE-209 5.9 Medium2020-07-23
CVE-2020-8559 Privilege escalation from compromised node to cluster CWE-601 6.4 Medium2020-07-22
CVE-2020-8555 Kubernetes kube-controller-manager SSRF CWE-918 6.3 Medium2020-06-04

All 52 known CVE vulnerabilities affecting Kubernetes with full Chinese analysis, references, and POCs where available.