Information on source package kubernetes

Available versions

ReleaseVersion
bullseye1.20.5+really1.20.2-1
bookworm1.20.5+really1.20.2-1.1
trixie1.20.5+really1.20.2-1.1
sid1.20.5+really1.20.2-1.1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2021-25743vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerablekubectl does not neutralize escape, meta or control sequences containe ...
CVE-2020-8554fixedfixedvulnerablevulnerableKubernetes API server in all versions allow an attacker who is able to ...

Resolved issues

BugDescription
CVE-2024-10220The Kubernetes kubelet component allows arbitrary command execution vi ...
CVE-2024-5321A security issue was discovered in Kubernetes clusters with Windows no ...
CVE-2024-3177A security issue was discovered in Kubernetes where users may be able ...
CVE-2023-5528A security issue was discovered in Kubernetes where a user that can cr ...
CVE-2023-3955A security issue was discovered in Kubernetes where a user that can c ...
CVE-2023-3893A security issue was discovered in Kubernetes where a user that can c ...
CVE-2023-3676A security issue was discovered in Kubernetes where a user that can c ...
CVE-2023-2728Users may be able to launch containers that bypass the mountable secre ...
CVE-2023-2727Users may be able to launch containers using images that are restricte ...
CVE-2023-2431A security issue was discovered in Kubelet that allows pods to bypass ...
CVE-2022-3294Users may have access to secure endpoints in the control plane network ...
CVE-2022-3172A security issue was discovered in kube-apiserver that allows an aggr ...
CVE-2022-3162Users authorized to list or watch one type of namespaced custom resour ...
CVE-2021-25749Windows workloads can run as ContainerAdministrator even when those wo ...
CVE-2021-25741A security issue was discovered in Kubernetes where a user may be able ...
CVE-2021-25740A security issue was discovered with Kubernetes that could enable user ...
CVE-2021-25737A security issue was discovered in Kubernetes where a user may be able ...
CVE-2021-25736Kube-proxy on Windows can unintentionally forward traffic to local pr ...
CVE-2021-25735A security issue was discovered in kube-apiserver that could allow nod ...
CVE-2020-8566In Kubernetes clusters using Ceph RBD as a storage provisioner, with l ...
CVE-2020-8565In Kubernetes, if the logging level is set to at least 9, authorizatio ...
CVE-2020-8564In Kubernetes clusters using a logging level of at least 4, processing ...
CVE-2020-8563In Kubernetes clusters using VSphere as a cloud provider, with a loggi ...
CVE-2020-8562As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes att ...
CVE-2020-8561A security issue was discovered in Kubernetes where actors that contro ...
CVE-2020-8559The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions pri ...
CVE-2020-8558The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17. ...
CVE-2020-8557The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17. ...
CVE-2020-8555The Kubernetes kube-controller-manager in versions v1.0-1.14, versions ...
CVE-2020-8552The Kubernetes API server component in versions prior to 1.15.9, 1.16. ...
CVE-2020-8551The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1. ...
CVE-2019-1002101The kubectl cp command allows copying files between containers and the ...
CVE-2019-1002100In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, use ...
CVE-2019-11254The Kubernetes API Server component in versions 1.1-1.14, and versions ...
CVE-2019-11253Improper input validation in the Kubernetes API server in versions v1. ...
CVE-2019-11252The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulne ...
CVE-2019-11251The Kubernetes kubectl cp command in versions 1.1-1.12, and versions p ...
CVE-2019-11250The Kubernetes client-go library logs request headers at verbosity lev ...
CVE-2019-11249The kubectl cp command allows copying files between containers and the ...
CVE-2019-11248The debugging endpoint /debug/pprof is exposed over the unauthenticate ...
CVE-2019-11247The Kubernetes kube-apiserver mistakenly allows access to a cluster-sc ...
CVE-2019-11246The kubectl cp command allows copying files between containers and the ...
CVE-2019-11245In kubelet v1.13.6 and v1.14.2, containers for pods that do not specif ...
CVE-2019-11244In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the ...
CVE-2019-11243In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientCon ...
CVE-2019-9946Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...
CVE-2018-1002105In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, in ...
CVE-2018-1002102Improper validation of URL redirection in the Kubernetes API server in ...
CVE-2018-1002101In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, ...
CVE-2018-1002100In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to versio ...
CVE-2017-1002102In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...
CVE-2017-1002101In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...
CVE-2017-1002100Default access permissions for Persistent Volumes (PVs) created by the ...
CVE-2017-1000056Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation ...
CVE-2016-7075It was found that Kubernetes as used by Openshift Enterprise 3 did not ...
CVE-2016-1906Openshift allows remote attackers to gain privileges by updating a bui ...
CVE-2016-1905The API server in Kubernetes does not properly check admission control ...
CVE-2015-7528Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitr ...
CVE-2015-5305Directory traversal vulnerability in Kubernetes, as used in Red Hat Op ...

Search for package or bug name: Reporting problems