Kubernetes — Vulnerabilities & Security Advisories 102

Browse all 102 CVE security advisories affecting Kubernetes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2021-25737 | Holes in EndpointSlice Validation Enable Host Network Hijack — Kubernetes | CWE-184 | 2.7 | Low | 2021-09-06 |
| CVE-2021-25735 | Validating Admission Webhook does not observe some previous fields — Kubernetes | CWE-372 | 6.5 | Medium | 2021-09-06 |
| CVE-2020-8569 | Kubernetes CSI snapshot-controller DoS — CSI Snapshotter | CWE-476 | 4.3 | Medium | 2021-01-21 |
| CVE-2020-8570 | Kubernetes Java client libraries unvalidated path traversal in Copy implementation — Kubernetes Java Client | CWE-23 | 7.5 | - | 2021-01-21 |
| CVE-2020-8554 | Kubernetes man in the middle using LoadBalancer or ExternalIPs — Kubernetes | CWE-283 | 6.3 | Medium | 2021-01-21 |
| CVE-2020-8567 | Kubernetes Secrets Store CSI Driver plugin directory traversals — Kubernetes Secrets Store CSI Driver | CWE-24 | 4.9 | Medium | 2021-01-21 |
| CVE-2020-8568 | Kubernetes Secrets Store CSI Driver sync/rotate directory traversal — Kubernetes Secrets Store CSI Driver | CWE-24 | 5.8 | Medium | 2021-01-21 |
| CVE-2020-8563 | Secret leaks in logs for vSphere Provider kube-controller-manager — Kubernetes | CWE-532 | 4.7 | Medium | 2020-12-07 |
| CVE-2020-8564 | Docker config secrets leaked when file is malformed and loglevel >= 4 — Kubernetes | CWE-532 | 4.7 | Medium | 2020-12-07 |
| CVE-2020-8565 | Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9 — Kubernetes | CWE-532 | 4.7 | Medium | 2020-12-07 |
| CVE-2020-8566 | Ceph RBD adminSecrets exposed in logs when loglevel >= 4 — Kubernetes | CWE-532 | 4.7 | Medium | 2020-12-07 |
| CVE-2020-8553 | Kubernetes ingress-nginx Compromise of auth via subset/superset namespace names — ingress-nginx | CWE-73 | 5.9 | Medium | 2020-07-29 |
| CVE-2020-8558 | Kubernetes node setting allows for neighboring hosts to bypass localhost boundary — Kubernetes | CWE-420 | 5.4 | Medium | 2020-07-27 |
| CVE-2020-8557 | Kubernetes node disk Denial of Service by writing to container /etc/hosts — Kubernetes | CWE-400 | 5.5 | Medium | 2020-07-23 |
| CVE-2019-11252 | Credential leakage when failing to mount — Kubernetes | CWE-209 | 5.9 | Medium | 2020-07-23 |
| CVE-2020-8559 | Privilege escalation from compromised node to cluster — Kubernetes | CWE-601 | 6.4 | Medium | 2020-07-22 |
| CVE-2020-8555 | Kubernetes kube-controller-manager SSRF — Kubernetes | CWE-918 | 6.3 | Medium | 2020-06-04 |
| CVE-2019-11254 | Kubernetes API Server denial of service vulnerability from malicious YAML payloads — Kubernetes | CWE-1050 | 6.5 | Medium | 2020-04-01 |
| CVE-2020-8552 | Kubernetes API server denial of service — Kubernetes | CWE-789 | 5.3 | Medium | 2020-03-27 |
| CVE-2020-8551 | Kubernetes kubelet denial of service — Kubernetes | CWE-789 | 4.3 | Medium | 2020-03-27 |
| CVE-2019-11251 | kubectl cp allows symlink directory traversal — Kubernetes | CWE-61 | 4.8 | Medium | 2020-02-03 |
| CVE-2018-1002104 | Kubernetes input validation error vulnerability — k8s.gcr.io/defaultbackend | CWE-215 | 5.3 | Medium | 2020-01-14 |
| CVE-2019-11255 | Kubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation — kubernetes-csi external-provisioner | CWE-20 | 4.8 | Medium | 2019-12-05 |
| CVE-2018-1002102 | Kubernetes API server follows unvalidated redirects from streaming Kubelet endpoints — Kubernetes | CWE-601 | 2.6 | Low | 2019-12-05 |
| CVE-2019-11253 | Kubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack — Kubernetes | CWE-20 | 7.5 | High | 2019-10-17 |
| CVE-2019-11250 | Kubernetes client-go logs authorization headers at debug verbosity levels — Kubernetes | CWE-532 | 6.5 | - | 2019-08-29 |
| CVE-2019-11249 | kubectl cp allows symlink directory traversal — Kubernetes | CWE-61 | 5.7 | - | 2019-08-29 |
| CVE-2019-11248 | Kubernetes kubelet exposes /debug/pprof info on healthz port — Kubernetes | CWE-419 | 5.4 | - | 2019-08-29 |
| CVE-2019-11247 | Kubernetes kube-apiserver allows access to custom resources via wrong scope — Kubernetes | CWE-20 | 8.3 | - | 2019-08-29 |
| CVE-2019-11246 | kubectl cp allows symlink directory traversal — Kubernetes | CWE-61 | 5.7 | - | 2019-08-29 |

This page lists every published CVE security advisory associated with Kubernetes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.