Vulnerabilidades em Kubernetes
102 resultadosCVE-2020-8555MEDIUMKubernetes kube-controller-manager SSRFEPSS 3.7%CVE-2019-11246MEDIUMkubectl cp allows symlink directory traversalEPSS 3.6%CVE-2020-8558MEDIUMKubernetes node setting allows for neighboring hosts to bypass localhost boundaryEPSS 3.6%CVE-2023-5528HIGHKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalationEPSS 3.6%CVE-2020-8570—Kubernetes Java client libraries unvalidated path traversal in Copy implementationEPSS 3.5%CVE-2025-24513MEDIUMingress-nginx controller - auth secret file path traversal vulnerabilityEPSS 3.5%CVE-2023-3955HIGHKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalationEPSS 3.4%CVE-2024-10220HIGHArbitrary command execution through gitRepo volumeEPSS 3.0%CVE-2023-3893HIGHKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalationEPSS 2.9%CVE-2022-3172MEDIUMKubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)EPSS 2.5%CVE-2020-8552MEDIUMKubernetes API server denial of serviceEPSS 2.4%CVE-2019-11254MEDIUMKubernetes API Server denial of service vulnerability from malicious YAML payloadsEPSS 2.3%CVE-2019-11251MEDIUMkubectl cp allows symlink directory traversalEPSS 2.3%CVE-2020-8569MEDIUMKubernetes CSI snapshot-controller DoSEPSS 2.3%CVE-2023-5043HIGHIngress nginx annotation injection causes arbitrary command executionEPSS 2.2%CVE-2024-3177LOWBypassing mountable secrets policy imposed by the ServiceAccount admission pluginEPSS 2.2%CVE-2024-9486CRITICALVM images built with Image Builder and Proxmox provider use default credentialsEPSS 2.2%CVE-2023-2728MEDIUMBypassing enforce mountable secrets policy imposed by the ServiceAccount admission pluginEPSS 2.2%CVE-2019-11247MEDIUMKubernetes kube-apiserver allows access to custom resources via wrong scopeEPSS 2.1%CVE-2020-8561MEDIUMWebhook redirect in kube-apiserverEPSS 2.0%