Filtered by vendor Kubernetes
Subscribe
Total
96 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3288 | 1 Kubernetes | 1 Ingress-nginx | 2026-06-17 | N/A | 8.8 HIGH |
| A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | |||||
| CVE-2026-22549 | 3 F5, Kubernetes, Redhat | 3 Big-ip Container Ingress Services, Kubernetes, Openshift | 2026-06-17 | N/A | 4.9 MEDIUM |
| A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-57870 | 4 Esri, Kubernetes, Linux and 1 more | 4 Arcgis Server, Kubernetes, Linux Kernel and 1 more | 2026-06-17 | N/A | 10.0 CRITICAL |
| A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Service operation. Successful exploitation can potentially result in unauthorized access, modification, or deletion of data from the underlying Enterprise Geodatabase. | |||||
| CVE-2024-5154 | 2 Kubernetes, Redhat | 3 Cri-o, Enterprise Linux, Openshift Container Platform | 2026-06-17 | N/A | 8.1 HIGH |
| A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system. | |||||
| CVE-2023-5528 | 3 Fedoraproject, Kubernetes, Microsoft | 3 Fedora, Kubernetes, Windows | 2026-06-17 | N/A | 7.2 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | |||||
| CVE-2023-5044 | 1 Kubernetes | 1 Ingress-nginx | 2026-06-17 | N/A | 7.6 HIGH |
| Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation. | |||||
| CVE-2023-5043 | 1 Kubernetes | 1 Ingress-nginx | 2026-06-17 | N/A | 7.6 HIGH |
| Ingress nginx annotation injection causes arbitrary command execution. | |||||
| CVE-2023-3955 | 2 Kubernetes, Microsoft | 2 Kubernetes, Windows | 2026-06-17 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | |||||
| CVE-2023-3893 | 1 Kubernetes | 1 Csi Proxy | 2026-06-17 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy. | |||||
| CVE-2023-3676 | 2 Kubernetes, Microsoft | 2 Kubernetes, Windows | 2026-06-17 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | |||||
| CVE-2023-2878 | 1 Kubernetes | 1 Secrets-store-csi-driver | 2026-06-17 | N/A | 6.5 MEDIUM |
| Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. | |||||
| CVE-2023-2728 | 1 Kubernetes | 1 Kubernetes | 2026-06-17 | N/A | 6.5 MEDIUM |
| Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. | |||||
| CVE-2023-2727 | 1 Kubernetes | 1 Kubernetes | 2026-06-17 | N/A | 6.5 MEDIUM |
| Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. | |||||
| CVE-2023-2431 | 2 Fedoraproject, Kubernetes | 2 Fedora, Kubernetes | 2026-06-17 | N/A | 3.4 LOW |
| A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet. | |||||
| CVE-2023-1944 | 1 Kubernetes | 1 Minikube | 2026-06-17 | N/A | 8.4 HIGH |
| This vulnerability enables ssh access to minikube container using a default password. | |||||
| CVE-2023-1943 | 1 Kubernetes | 1 Operations | 2026-06-17 | N/A | 8.0 HIGH |
| Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode. | |||||
| CVE-2023-1260 | 2 Kubernetes, Redhat | 2 Kube-apiserver, Openshift Container Platform | 2026-06-17 | N/A | 8.0 HIGH |
| An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod. | |||||
| CVE-2023-1174 | 2 Apple, Kubernetes | 2 Macos, Minikube | 2026-06-17 | N/A | 9.8 CRITICAL |
| This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container. | |||||
| CVE-2022-4886 | 1 Kubernetes | 1 Ingress-nginx | 2026-06-17 | N/A | 8.8 HIGH |
| Ingress-nginx `path` sanitization can be bypassed with `log_format` directive. | |||||
| CVE-2022-4318 | 3 Fedoraproject, Kubernetes, Redhat | 8 Extra Packages For Enterprise Linux, Fedora, Cri-o and 5 more | 2026-06-17 | N/A | 7.8 HIGH |
| A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | |||||