Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/926507?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "kubernetes", "version": "1.20.5+really1.20.2-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.20.5+really1.20.2-1.1", "latest_non_vulnerable_version": "1.33.4+ds-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52474?format=api", "vulnerability_id": "VCID-42kp-8t9h-dfat", "summary": "kubectl ANSI escape characters not filtered\nkubectl (k8s.io/kubernetes/pkg/kubectl) does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51299", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51224", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51261", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51313", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51364", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51372", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51351", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25743" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/dad0e937c0f76344363eb691b2668490ffef8537", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/dad0e937c0f76344363eb691b2668490ffef8537" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/101695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/101695" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/112553", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/112553" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25743", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25743" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220217-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220217-0003" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016441", "reference_id": "1016441", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042418", "reference_id": "2042418", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042418" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926519?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926514?format=api", "purl": "pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.31.4%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25743", "GHSA-f9jg-8p32-2f55" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42kp-8t9h-dfat" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30850?format=api", "vulnerability_id": "VCID-17m6-nd3p-dybh", "summary": "Kubernetes Sensitive Information leak via Log File\nIn Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8564.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8564.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16972", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17072", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17036", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17154", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17201", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17224", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17297", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17247", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17073", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8564" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/95622", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/95622" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/94712", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/94712" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2021-0066", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2021-0066" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0006" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637", "reference_id": "1886637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341", "reference_id": "972341", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4297", "reference_id": "RHSA-2020:4297", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5259", "reference_id": "RHSA-2020:5259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5359", "reference_id": "RHSA-2020:5359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0171", "reference_id": "RHSA-2021:0171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0172", "reference_id": "RHSA-2021:0172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0281", "reference_id": "RHSA-2021:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3193", "reference_id": "RHSA-2021:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3193" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926517?format=api", "purl": "pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.19.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8564", "GHSA-8mjg-8c8g-6h85" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17m6-nd3p-dybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12769?format=api", "vulnerability_id": "VCID-2cbk-c4k3-kyc8", "summary": "Privilege Escalation in Kubernetes\nThe Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.7 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97885", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97889", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97887", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.9788", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97879", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97878", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97857", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97872", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97864", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97863", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51201", "scoring_system": "epss", "scoring_elements": "0.97875", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8559" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8559" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/92914", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/92914" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/92941", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/92941" }, { "reference_url": "https://github.com/tdwyer/CVE-2020-8559", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tdwyer/CVE-2020-8559" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200810-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200810-0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5194", "reference_id": "RHSA-2020:5194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5363", "reference_id": "RHSA-2020:5363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0030", "reference_id": "RHSA-2021:0030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0281", "reference_id": "RHSA-2021:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0281" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926516?format=api", "purl": "pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8559", "GHSA-33c5-9fx5-fvjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cbk-c4k3-kyc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48849?format=api", "vulnerability_id": "VCID-2ej9-nn86-7bet", "summary": "Kubernetes kubectl cp Vulnerable to Symlink Attack\nThe Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11251.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11251.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87537", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87496", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.8751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87521", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87523", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87452", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03448", "scoring_system": "epss", "scoring_elements": "0.87462", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11251" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/87773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/87773" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/82143", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/82143" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11251", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11251" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753495", "reference_id": "1753495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3266", "reference_id": "RHSA-2019:3266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3267", "reference_id": "RHSA-2019:3267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3267" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11251", "GHSA-6qfg-8799-r575" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ej9-nn86-7bet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58968?format=api", "vulnerability_id": "VCID-35gz-1zjh-2qan", "summary": "Kubernetes DoS Vulnerability\nIn all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type \"json-patch\" (e.g. `kubectl patch --type json` or `\"Content-Type: application/json-patch+json\"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1851", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3239", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3239" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1002100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89582", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89517", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89521", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.8955", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89562", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89561", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89555", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89568", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.8957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04868", "scoring_system": "epss", "scoring_elements": "0.89567", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1002100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1002100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1002100" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/74534", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/74534" }, { "reference_url": "https://groups.google.com/forum/#%21topic/kubernetes-announce/vmUUNkYfG9g", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/kubernetes-announce/vmUUNkYfG9g" }, { "reference_url": "https://groups.google.com/forum/#!topic/kubernetes-announce/vmUUNkYfG9g", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/kubernetes-announce/vmUUNkYfG9g" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1002100", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1002100" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190416-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190416-0002/" }, { "reference_url": "https://web.archive.org/web/20210125011246/https://www.securityfocus.com/bid/107290", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125011246/https://www.securityfocus.com/bid/107290" }, { "reference_url": "http://www.securityfocus.com/bid/107290", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107290" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683190", "reference_id": "1683190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683190" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923686", "reference_id": "923686", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923686" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1002100", "GHSA-q4rr-64r9-fwgf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35gz-1zjh-2qan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53094?format=api", "vulnerability_id": "VCID-3m8h-88sb-f7hk", "summary": "Privilege Escalation in Kubernetes\nIn all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3537", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3549", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3551", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3598", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3624", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3742", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3752", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3754", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3754" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90349", "scoring_system": "epss", "scoring_elements": "0.99605", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.90698", "scoring_system": "epss", "scoring_elements": "0.99622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.90698", "scoring_system": "epss", "scoring_elements": "0.99619", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.90698", "scoring_system": "epss", "scoring_elements": "0.9962", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.90698", "scoring_system": "epss", "scoring_elements": "0.99621", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002105" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/evict/poc_CVE-2018-1002105", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/evict/poc_CVE-2018-1002105" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/71411", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/71411" }, { "reference_url": "https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002105", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002105" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190416-0001" }, { "reference_url": "https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do" }, { "reference_url": "https://www.exploit-db.com/exploits/46052", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/46052" }, { "reference_url": "https://www.exploit-db.com/exploits/46053", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/46053" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2019/06/28/2" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/07/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2019/07/06/3" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/07/06/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2019/07/06/4" }, { "reference_url": "https://www.securityfocus.com/bid/106068", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.securityfocus.com/bid/106068" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648138", "reference_id": "1648138", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648138" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828", "reference_id": "915828", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828" }, { "reference_url": "https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py", "reference_id": "CVE-2018-1002105", "reference_type": "exploit", "scores": [], "url": "https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py" }, { "reference_url": "https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py", "reference_id": "CVE-2018-1002105", "reference_type": "exploit", "scores": [], "url": "https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py", "reference_id": "CVE-2018-1002105", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py", "reference_id": "CVE-2018-1002105", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1002105", "GHSA-579h-mv94-g4gp" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3m8h-88sb-f7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30498?format=api", "vulnerability_id": "VCID-3rmn-ytr3-6yet", "summary": "Kubernetes privilege escalation vulnerability\nA security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3676.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3676.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.9738", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97379", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97376", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97367", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97356", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97364", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.40738", "scoring_system": "epss", "scoring_elements": "0.97357", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3676" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/073f9ea33a93ddaecdc2e829150fb715f6387399", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/073f9ea33a93ddaecdc2e829150fb715f6387399" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/39cc101c7855341c651a943b9836b50fbace8a6b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/39cc101c7855341c651a943b9836b50fbace8a6b" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/74b617310c24ca84c2ec90c3858af745d65b5226", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/74b617310c24ca84c2ec90c3858af745d65b5226" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/890483394221c8f22e88c48f86cd4eaf4de65fd6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/890483394221c8f22e88c48f86cd4eaf4de65fd6" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/a53faf5e17ed0b0771a605c6401ba4cbf297b59a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/a53faf5e17ed0b0771a605c6401ba4cbf297b59a" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/119339", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/119339" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120127", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120127" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120129", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120129" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120130", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120130" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120131", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120131" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120132", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120132" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120133", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120133" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3676", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3676" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231130-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231130-0007" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227126", "reference_id": "2227126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227126" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231130-0007/", "reference_id": "ntap-20231130-0007", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231130-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4777", "reference_id": "RHSA-2023:4777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4780", "reference_id": "RHSA-2023:4780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4835", "reference_id": "RHSA-2023:4835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4885", "reference_id": "RHSA-2023:4885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7515", "reference_id": "RHSA-2023:7515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7515" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3676", "GHSA-7fxm-f474-hf8w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3rmn-ytr3-6yet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26139?format=api", "vulnerability_id": "VCID-4gu9-2w32-xfcu", "summary": "kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClass\nA half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13281.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01952", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01916", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01922", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01937", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02575", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02562", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02463", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13281" }, { "reference_url": "https://github.com/advisories/GHSA-r6j8-c6r2-37rr", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r6j8-c6r2-37rr" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/7506ce804c20696ba32cdb72126270ceaed06e24", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/7506ce804c20696ba32cdb72126270ceaed06e24" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/97650c1c4fe15cbb7756ba95b3edc8a8665063ca", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/97650c1c4fe15cbb7756ba95b3edc8a8665063ca" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/dbe17dfe7773563eac95534040f413ada6d2b421", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/dbe17dfe7773563eac95534040f413ada6d2b421" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/135525", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T16:26:52Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/135525" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/EORqZg0k1l4/m/TtD-q0v7AgAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T16:26:52Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/EORqZg0k1l4/m/TtD-q0v7AgAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13281", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13281" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/12/01/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/12/01/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422109", "reference_id": "2422109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422109" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-13281", "GHSA-r6j8-c6r2-37rr" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gu9-2w32-xfcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48285?format=api", "vulnerability_id": "VCID-4jze-ndvq-nqhn", "summary": "Kubernetes Privilege Escalation\nKubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000056.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000056.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000056", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49013", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48967", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48921", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48963", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4897", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49017", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48941", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000056" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5e", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5e" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/43459", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/43459" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000056", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000056" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486336", "reference_id": "1486336", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486336" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926510?format=api", "purl": "pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.5.5%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000056", "GHSA-2jx2-76rc-2v7v" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jze-ndvq-nqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36081?format=api", "vulnerability_id": "VCID-4qqj-251q-ykek", "summary": "Confused Deputy in Kubernetes\nA security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66824", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66849", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71692", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71708", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71685", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71637", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71644", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71723", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71717", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25740" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/103675", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/103675" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25740", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25740" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211014-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211014-0001" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982470", "reference_id": "1982470", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982470" }, { "reference_url": "https://security.archlinux.org/AVG-1915", "reference_id": "AVG-1915", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1915" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25740", "GHSA-vw47-mr44-3jf9" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4qqj-251q-ykek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53028?format=api", "vulnerability_id": "VCID-57ar-astn-b7eu", "summary": "Kubernetes Unsafe Cacheing\nIn Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by `--cache-dir` (defaulting to `$HOME/.kube/http-cache`), written with world-writeable permissions (`rw-rw-rw-`). If `--cache-dir` is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3942", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0020", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0074", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0074" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11244.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11244.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26774", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26558", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26672", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26782", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26826", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26865", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26719", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2677", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26614", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26654", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11244" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/client-go/commit/790a4f63632139cf6731014d00a9a8338f1fbd7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go/commit/790a4f63632139cf6731014d00a9a8338f1fbd7d" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/76676", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/76676" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/77874", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/77874" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/77874/commits/f228ae3364729caed59087e23c42868454bc3ff4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/77874/commits/f228ae3364729caed59087e23c42868454bc3ff4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11244", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11244" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190509-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190509-0002" }, { "reference_url": "http://www.securityfocus.com/bid/108064", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/108064" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703209", "reference_id": "1703209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703209" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11244", "GHSA-2575-pghm-6qqx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57ar-astn-b7eu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82686?format=api", "vulnerability_id": "VCID-68f5-9mbb-syf5", "summary": "kubernetes: Incorrect rule injection in CNI portmap plugin", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0862" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67707", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67832", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67818", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67831", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67812", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6776", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67792", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67806", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6783", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67782", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9946" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCN66VYB3XS76SYH567SO7N3I254JOCT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCN66VYB3XS76SYH567SO7N3I254JOCT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGOOWAELGH3F7OXRBPH3HCNZELNLXYTW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGOOWAELGH3F7OXRBPH3HCNZELNLXYTW/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190416-0002/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692712", "reference_id": "1692712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692712" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cncf:portmap:*:*:*:*:*:container_networking_interface:*:*", "reference_id": "cpe:2.3:a:cncf:portmap:*:*:*:*:*:container_networking_interface:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cncf:portmap:*:*:*:*:*:container_networking_interface:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9946", "reference_id": "CVE-2019-9946", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3403", "reference_id": "RHSA-2019:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3403" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9946" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68f5-9mbb-syf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52066?format=api", "vulnerability_id": "VCID-6nk9-wkwg-ukeh", "summary": "Information Exposure in Kubernetes\nKubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2615.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2615.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2544", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:2544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2615", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:2615" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7528.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7528.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2015-7528", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2015-7528" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58569", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58601", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58623", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.5855", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58579", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58474", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58602", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7528" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286745", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286745" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/afd56495a1052a3387b81df1786a8d0f51bc8671", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/afd56495a1052a3387b81df1786a8d0f51bc8671" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/17886", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/17886" }, { "reference_url": "https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5" }, { "reference_url": "https://github.com/openshift/origin/pull/6113", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/pull/6113" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7528", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7528" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2015-2615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2015-2615.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:alpha.4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:alpha.4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:alpha.4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7528", "GHSA-mqf3-28j7-3mj6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6nk9-wkwg-ukeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32247?format=api", "vulnerability_id": "VCID-7359-arkb-zkg6", "summary": "Kubernetes mountable secrets policy bypass\nUsers may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2728.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2728.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2728", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89568", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89556", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89554", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89521", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89509", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89541", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04853", "scoring_system": "epss", "scoring_elements": "0.89537", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2728" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/118640", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/118640" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118356", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118356" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118471", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118471" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118473", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118473" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118474", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118474" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118512", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118512" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2728", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2728" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230803-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230803-0004" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/07/06/3" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211348", "reference_id": "2211348", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211348" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230803-0004/", "reference_id": "ntap-20230803-0004", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230803-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5009", "reference_id": "RHSA-2023:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2728", "GHSA-cgcv-5272-97pr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7359-arkb-zkg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30483?format=api", "vulnerability_id": "VCID-7ddh-ksnz-nbhj", "summary": "Kubernetes privilege escalation vulnerability\nA security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3955.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73446", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73413", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73419", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.7336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73323", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73351", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73327", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73397", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3955" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/38c97fa67ed35f36e730856728c9e3807f63546a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/38c97fa67ed35f36e730856728c9e3807f63546a" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/50334505cd27cbe7cf71865388f25a00e29b2596", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/50334505cd27cbe7cf71865388f25a00e29b2596" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/7da6d72c05dffb3b87e62e2bc8c3228ea12ba1b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/7da6d72c05dffb3b87e62e2bc8c3228ea12ba1b9" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/b7547e28f898af37aa2f1107a49111f963250fe6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/b7547e28f898af37aa2f1107a49111f963250fe6" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/c4e17abb04728e3a3f9bb26e727b0f978df20ec9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/c4e17abb04728e3a3f9bb26e727b0f978df20ec9" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/119595", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/119595" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120128", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120128" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120134", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120134" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120135", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120135" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120136", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120136" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120137", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120137" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/120138", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/120138" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3955", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3955" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231221-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231221-0002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227128", "reference_id": "2227128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227128" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231221-0002/", "reference_id": "ntap-20231221-0002", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231221-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4777", "reference_id": "RHSA-2023:4777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4780", "reference_id": "RHSA-2023:4780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4835", "reference_id": "RHSA-2023:4835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4885", "reference_id": "RHSA-2023:4885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7515", "reference_id": "RHSA-2023:7515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7515" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3955", "GHSA-q78c-gwqw-jcmc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ddh-ksnz-nbhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42643?format=api", "vulnerability_id": "VCID-7gye-25qm-n3ed", "summary": "Files or Directories Accessible to External Parties in kubernetes\nA security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96909", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96879", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96908", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96901", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96894", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96887", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33042", "scoring_system": "epss", "scoring_elements": "0.96889", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33597", "scoring_system": "epss", "scoring_elements": "0.96911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33597", "scoring_system": "epss", "scoring_elements": "0.96903", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33597", "scoring_system": "epss", "scoring_elements": "0.96916", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25741" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-f5f7-6478-qm6p", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-f5f7-6478-qm6p" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/104980", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/104980" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25741", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25741" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211008-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211008-0006" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993749", "reference_id": "1993749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993749" }, { "reference_url": "https://security.archlinux.org/AVG-2393", "reference_id": "AVG-2393", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2393" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211008-0006/", "reference_id": "ntap-20211008-0006", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211008-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3631", "reference_id": "RHSA-2021:3631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3635", "reference_id": "RHSA-2021:3635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3642", "reference_id": "RHSA-2021:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3646", "reference_id": "RHSA-2021:3646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3646" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25741", "GHSA-f5f7-6478-qm6p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gye-25qm-n3ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26878?format=api", "vulnerability_id": "VCID-8mtx-nq5t-dqcg", "summary": "Node Denial of Service via kubelet Checkpoint API\nA security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1169", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11729", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11606", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11769", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11808", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11744", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11659", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11873", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11831", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-jgfp-53c3-624w", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jgfp-53c3-624w" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/130016", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:29:18Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/130016" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:29:18Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0426", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0426" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/02/13/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/02/13/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345617", "reference_id": "2345617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345617" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1824", "reference_id": "RHSA-2025:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2652", "reference_id": "RHSA-2025:2652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2652" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0426", "GHSA-jgfp-53c3-624w" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mtx-nq5t-dqcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31178?format=api", "vulnerability_id": "VCID-8y33-9aqr-fubd", "summary": "Kubernetes vulnerable to validation bypass\nUsers may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3294.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66544", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66535", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66513", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66505", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66443", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66446", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3294" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/113757", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/113757" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3294", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3294" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230505-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230505-0007" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136675", "reference_id": "2136675", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136675" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230505-0007/", "reference_id": "ntap-20230505-0007", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230505-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3294", "GHSA-jh36-q97c-9928" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8y33-9aqr-fubd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79020?format=api", "vulnerability_id": "VCID-92ak-64hu-dbg1", "summary": "kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3172.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3172.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85412", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85436", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85444", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85458", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02537", "scoring_system": "epss", "scoring_elements": "0.85453", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02823", "scoring_system": "epss", "scoring_elements": "0.86195", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02823", "scoring_system": "epss", "scoring_elements": "0.86174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02834", "scoring_system": "epss", "scoring_elements": "0.862", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02834", "scoring_system": "epss", "scoring_elements": "0.86205", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3172" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127804", "reference_id": "2127804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1655", "reference_id": "RHSA-2023:1655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3609", "reference_id": "RHSA-2023:3609", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3609" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3172" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92ak-64hu-dbg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82286?format=api", "vulnerability_id": "VCID-9498-37sr-xyet", "summary": "kubernetes: /debug/pprof endpoint exposed on kubelet's healthz port", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11248.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11248.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99635", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99641", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99637", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99639", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.91007", "scoring_system": "epss", "scoring_elements": "0.99634", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11248" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/81023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/kubernetes/kubernetes/issues/81023" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738368", "reference_id": "1738368", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738368" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934182", "reference_id": "934182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934182" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11248", "reference_id": "CVE-2019-11248", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11248" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9498-37sr-xyet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48669?format=api", "vulnerability_id": "VCID-9s34-1nd8-f7ee", "summary": "XML Entity Expansion and Improper Input Validation in Kubernetes API server\nImproper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.\n\n### Specific Go Packages Affected\nk8s.io/kubernetes/pkg/apiserver", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3239", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3811", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3905" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11253.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11253.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99292", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99297", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99296", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99295", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99294", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99293", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99285", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99288", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.83793", "scoring_system": "epss", "scoring_elements": "0.99291", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11253" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11253", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11253" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gist.github.com/bgeesaman/0e0349e94cd22c48bf14d8a9b7d6b8f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/bgeesaman/0e0349e94cd22c48bf14d8a9b7d6b8f2" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/83253", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/83253" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/83261", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/83261" }, { "reference_url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/jk8polzSUxs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/jk8polzSUxs" }, { "reference_url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/jk8polzSUxs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/jk8polzSUxs" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11253", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11253" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0703", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0703" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191031-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20191031-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191031-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191031-0006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757701", "reference_id": "1757701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757701" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3132", "reference_id": "RHSA-2019:3132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2795", "reference_id": "RHSA-2020:2795", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2796", "reference_id": "RHSA-2020:2796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2799", "reference_id": "RHSA-2020:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2861", "reference_id": "RHSA-2020:2861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2863", "reference_id": "RHSA-2020:2863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2870", "reference_id": "RHSA-2020:2870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2183", "reference_id": "RHSA-2022:2183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2183" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11253", "GHSA-pmqp-h87c-mr78" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9s34-1nd8-f7ee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12858?format=api", "vulnerability_id": "VCID-cjth-qqvy-hqhk", "summary": "Kubelet Incorrect Privilege Assignment\nIn kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit `runAsUser` attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified `mustRunAsNonRoot: true`, the kubelet will refuse to start the container as root. If the pod did not specify `mustRunAsNonRoot: true`, the kubelet will run the container as uid 0.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11245.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11245.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11245", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35915", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36146", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36213", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36171", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36233", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3616", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36293", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11245" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715726", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715726" }, { "reference_url": "https://github.com/advisories/GHSA-r76g-g87f-vw8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r76g-g87f-vw8f" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/78308", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/78308" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/76665", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/76665" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/76665/commits/26e3c8674e66f0d10170d34f5445f0aed207387f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/76665/commits/26e3c8674e66f0d10170d34f5445f0aed207387f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11245", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11245" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2780", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2780" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11245", "GHSA-r76g-g87f-vw8f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjth-qqvy-hqhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30808?format=api", "vulnerability_id": "VCID-csq4-589g-qfa4", "summary": "Kubernetes client-go vulnerable to Sensitive Information Leak via Log File\nIn Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.5, <= v1.18.13, <= v1.17.15, < v1.20.0-alpha2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18283", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18257", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.183", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.184", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18557", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18351", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18781", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/client-go", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go" }, { "reference_url": "https://github.com/kubernetes/client-go/commit/19875a3d5a2e0d4f51c976a9e0662de3c2c011e3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go/commit/19875a3d5a2e0d4f51c976a9e0662de3c2c011e3" }, { "reference_url": "https://github.com/kubernetes/client-go/commit/1b8383fc150c9b816b0072032cca75754c2734d0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go/commit/1b8383fc150c9b816b0072032cca75754c2734d0" }, { "reference_url": "https://github.com/kubernetes/client-go/commit/44e1a07f2d513e375c4b6ee6e890040b47befe86", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go/commit/44e1a07f2d513e375c4b6ee6e890040b47befe86" }, { "reference_url": "https://github.com/kubernetes/client-go/commit/e8f871a2e5fadf90fc114565abc0963967f1a373", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/client-go/commit/e8f871a2e5fadf90fc114565abc0963967f1a373" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/95623", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/95623" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/95316", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/95316" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2021-0064", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2021-0064" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886638", "reference_id": "1886638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886638" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972649", "reference_id": "972649", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2041", "reference_id": "RHSA-2021:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5085", "reference_id": "RHSA-2021:5085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5086", "reference_id": "RHSA-2021:5086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5086" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926518?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8565", "GHSA-8cfg-vx93-jvxw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csq4-589g-qfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55689?format=api", "vulnerability_id": "VCID-dpht-br2m-zqfs", "summary": "Kubernetes arbitrary file overwrite\nIn Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66463", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66439", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66438", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66383", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66414", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66356", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66352", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66317", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66445", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002100" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1564305", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1564305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002100" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/61297", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/61297" }, { "reference_url": "https://hansmi.ch/articles/2018-04-openshift-s2i-security", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hansmi.ch/articles/2018-04-openshift-s2i-security" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002100", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002100" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929225", "reference_id": "929225", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929225" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1002100", "GHSA-2jq6-ffph-p4h8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dpht-br2m-zqfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57497?format=api", "vulnerability_id": "VCID-dxej-zg13-63ff", "summary": "Kubernetes did not effectively clear service account credentials\nIn Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not effectively clear service account credentials loaded using rest.InClusterConfig()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46924", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46935", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46959", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46995", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4699", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46881", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46918", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11243" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/76797", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/76797" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11243", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11243" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190509-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190509-0002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703218", "reference_id": "1703218", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703218" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11243", "GHSA-gc2p-g4fg-29vh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxej-zg13-63ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53050?format=api", "vulnerability_id": "VCID-dxhw-y156-2kfz", "summary": "Kubernetes API Server DoS Via API Requests\nThe Kubernetes API server component in Kubernetes versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22273", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2241", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22577", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22407", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22561", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22465", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22481", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22477", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22426", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/89378", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/89378" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/87669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/87669" }, { "reference_url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s" }, { "reference_url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8552", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8552" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200413-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200413-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797909", "reference_id": "1797909", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797909" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0933", "reference_id": "RHSA-2020:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1526", "reference_id": "RHSA-2020:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1527", "reference_id": "RHSA-2020:1527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2306", "reference_id": "RHSA-2020:2306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2992", "reference_id": "RHSA-2020:2992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8552", "GHSA-82hx-w2r5-c2wq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxhw-y156-2kfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31503?format=api", "vulnerability_id": "VCID-ea5d-jxkg-mbhn", "summary": "Kubernetes vulnerable to path traversal\nUsers authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3162.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3162.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3162", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77342", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77308", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77317", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.7728", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77301", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77273", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77264", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01025", "scoring_system": "epss", "scoring_elements": "0.7725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01148", "scoring_system": "epss", "scoring_elements": "0.78426", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3162" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/113756", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/113756" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230511-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230511-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673", "reference_id": "2136673", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230511-0004/", "reference_id": "ntap-20230511-0004", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230511-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0772", "reference_id": "RHSA-2023:0772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3162", "GHSA-2394-5535-8j88" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5d-jxkg-mbhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53012?format=api", "vulnerability_id": "VCID-eztq-5cu5-7yfd", "summary": "Kubernetes Arbitrary Command Injection\nIn Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.\n\n### Specific Go Packages Affected\nk8s.io/kubernetes/pkg/util/mount", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74939", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74825", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.74903", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002101" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/d65039c56ce4de5f2efdc38aa1284eeb95f89169", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/d65039c56ce4de5f2efdc38aa1284eeb95f89169" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/65750", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/65750" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/65751", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/65751" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002101" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190416-0008" }, { "reference_url": "http://www.securityfocus.com/bid/106238", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106238" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659877", "reference_id": "1659877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659877" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1002101", "GHSA-wqwf-x5cj-rg56" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eztq-5cu5-7yfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36620?format=api", "vulnerability_id": "VCID-fbzn-vujj-pud5", "summary": "Excessive Platform Resource Consumption within a Loop in Kubernetes\nThe Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31016", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31276", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31175", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31203", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31189", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.312", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31327", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31368", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31241", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31272", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31232", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11254" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48" }, { "reference_url": "https://github.com/go-yaml/yaml/pull/555", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/go-yaml/yaml/pull/555" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/89535", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/89535" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2020-0036", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2020-0036" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200413-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200413-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486", "reference_id": "1819486", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0933", "reference_id": "RHSA-2020:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2413", "reference_id": "RHSA-2020:2413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2479", "reference_id": "RHSA-2020:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2479" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11254", "GHSA-wxc4-f4m6-wwqv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbzn-vujj-pud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36498?format=api", "vulnerability_id": "VCID-fmcb-kpgu-5fcg", "summary": "Authorization bypass in Openshift\nOpenshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0351", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0351" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2016-1906" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85485", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85509", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.8549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85388", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.8542", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85423", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85444", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85486", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1906" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297916", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297916" }, { "reference_url": "https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406" }, { "reference_url": "https://github.com/openshift/origin/issues/6556", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/issues/6556" }, { "reference_url": "https://github.com/openshift/origin/pull/6576", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/pull/6576" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1906" }, { "reference_url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1906", "GHSA-m3fm-h5jp-q79p" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmcb-kpgu-5fcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83600?format=api", "vulnerability_id": "VCID-fpvm-f4py-mfbb", "summary": "kubernetes: Volume security can be sidestepped with innocent emptyDir and subpath", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96899", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96906", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96924", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96926", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.9693", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96938", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96942", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96945", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.33507", "scoring_system": "epss", "scoring_elements": "0.96944", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002101" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525130", "reference_id": "1525130", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525130" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892801", "reference_id": "892801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892801" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926511?format=api", "purl": "pkg:deb/debian/kubernetes@1.7.16%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.7.16%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1002101" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpvm-f4py-mfbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17323?format=api", "vulnerability_id": "VCID-ftrr-y54a-s7a1", "summary": "Kubernetes kubelet arbitrary command execution\nThe Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10220.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10220.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10220", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96892", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96906", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96902", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33227", "scoring_system": "epss", "scoring_elements": "0.96888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39569", "scoring_system": "epss", "scoring_elements": "0.97317", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.39569", "scoring_system": "epss", "scoring_elements": "0.97316", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.39569", "scoring_system": "epss", "scoring_elements": "0.97313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.39569", "scoring_system": "epss", "scoring_elements": "0.97306", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/1ab06efe92d8e898ca1931471c9533ce94aba29b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/1ab06efe92d8e898ca1931471c9533ce94aba29b" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/128885", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:21:04Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/128885" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:21:04Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10220", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10220" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-3286", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2024-3286" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/11/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2024/11/20/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323060", "reference_id": "2323060", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323060" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-10220", "GHSA-27wf-5967-98gx" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftrr-y54a-s7a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82465?format=api", "vulnerability_id": "VCID-humx-y4h8-pbeb", "summary": "kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11246.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11246.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11246", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.80938", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81058", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.80998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81037", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.80947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.8097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.80968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.80996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81003", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01482", "scoring_system": "epss", "scoring_elements": "0.81006", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11246" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/76788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/kubernetes/kubernetes/pull/76788" }, { "reference_url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/NLs2TGbfPdo", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/NLs2TGbfPdo" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721704", "reference_id": "1721704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721704" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11246", "reference_id": "CVE-2019-11246", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1632", "reference_id": "RHSA-2019:1632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1632" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1633", "reference_id": "RHSA-2019:1633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1852", "reference_id": "RHSA-2019:1852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11246" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-humx-y4h8-pbeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47748?format=api", "vulnerability_id": "VCID-jgn7-651b-p3cm", "summary": "Access Restriction Bypass in kube-apiserver\nA vulnerability in Kubernetes `kube-apiserver` could allow node updates to bypass a _Validating Admission Webhook_ and allow unauthorized node updates. The information that is provided to the admission controller could contain old configurations that overwrite values used for validation. Since the overwriting takes place before the validation, this could lead the admission controller to accept requests that should be blocked. The vulnerability can be exploited when an update action on node resources is performed and an admission controller is in place and configured to validate the action.\n\nUsers are only affected by this vulnerability if they are running a _Validating Admission Webhook_ for Nodes that denies admission based partially on the old state of the Node object. It only impacts validating admission plugins that rely on old values in certain fields and does not impact calls from kubelets that go through the built-in NodeRestriction admission plugin.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94446", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94443", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94437", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.9442", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14393", "scoring_system": "epss", "scoring_elements": "0.94391", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25735" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937562", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/100096", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/100096" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/99946", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/99946" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25735", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25735" }, { "reference_url": "https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver" }, { "reference_url": "https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793", "reference_id": "990793", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793" }, { "reference_url": "https://security.archlinux.org/AVG-1825", "reference_id": "AVG-1825", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2437", "reference_id": "RHSA-2021:2437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2437" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25735", "GHSA-g42g-737j-qx6j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgn7-651b-p3cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36170?format=api", "vulnerability_id": "VCID-jjnq-w1uh-dudy", "summary": "Incomplete List of Disallowed Inputs in Kubernetes\nA security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59401", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59426", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59438", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59406", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59441", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59422", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59293", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59367", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59391", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25737" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/102106", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/102106" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25737", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25737" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211004-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211004-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954917", "reference_id": "1954917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954917" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793", "reference_id": "990793", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793" }, { "reference_url": "https://security.archlinux.org/ASA-202106-29", "reference_id": "ASA-202106-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-29" }, { "reference_url": "https://security.archlinux.org/AVG-1970", "reference_id": "AVG-1970", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2437", "reference_id": "RHSA-2021:2437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2437" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25737", "GHSA-mfv7-gq43-w965" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jjnq-w1uh-dudy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32324?format=api", "vulnerability_id": "VCID-jm3q-n1be-3uc8", "summary": "Kubelet vulnerable to bypass of seccomp profile enforcement\nA security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2431.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2431.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01206", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01201", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.00993", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0113", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01127", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01008", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01006", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.00998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.00997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01132", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01119", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2431" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/118690", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/118690" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/117020", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/117020" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/117116", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/117116" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/117117", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/117117" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/117118", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/117118" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/117147", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/117147" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/QHmx0HOQa10", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/QHmx0HOQa10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2431", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2431" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1864", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215555", "reference_id": "2215555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215555" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ/", "reference_id": "43HDSKBKPSW53OW647B5ETHRWFFNHSRQ", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6156", "reference_id": "RHSA-2023:6156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6156" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G/", "reference_id": "XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2431", "GHSA-xc8m-28vv-4pjc" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jm3q-n1be-3uc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81527?format=api", "vulnerability_id": "VCID-jwt2-1eqe-qyfq", "summary": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57729", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57833", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57881", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69791", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69723", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6975", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69759", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6974", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11252" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860158", "reference_id": "1860158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2413", "reference_id": "RHSA-2020:2413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2413" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926513?format=api", "purl": "pkg:deb/debian/kubernetes@1.18.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11252" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwt2-1eqe-qyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52961?format=api", "vulnerability_id": "VCID-k31a-cbd1-wkh5", "summary": "Access Restriction Bypass in kubernetes\nThe API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.\n\n### Specific Go Packages Affected\ngithub.com/kubernetes/kubernetes/pkg/apiserver", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0351", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0351" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2016-1905" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4652", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46478", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46533", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46556", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46528", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46591", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46538", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46472", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297910", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297910" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/19479", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/19479" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:P/A:N" }, { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1905" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1905", "GHSA-xx8c-m748-xr4j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k31a-cbd1-wkh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35718?format=api", "vulnerability_id": "VCID-kgvu-q3dc-8khe", "summary": "Confused Deputy in Kubernetes\nA security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8561.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8561.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40002", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40075", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40025", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40044", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4007", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40577", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40476", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8561" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/104720", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/104720" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsY", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsY" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8561", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8561" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211014-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211014-0002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000366", "reference_id": "2000366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000366" }, { "reference_url": "https://security.archlinux.org/AVG-2394", "reference_id": "AVG-2394", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2394" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8561", "GHSA-74j8-88mm-7496" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kgvu-q3dc-8khe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84240?format=api", "vulnerability_id": "VCID-m3n6-yj6t-y7eq", "summary": "kubernetes: Incorrect default access permissions for Persistent Volumes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.5013", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50183", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50237", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50211", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50207", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50229", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50235", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002100" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/47611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/kubernetes/kubernetes/issues/47611" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492101", "reference_id": "1492101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492101" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1002100", "reference_id": "CVE-2017-1002100", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1002100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1002100" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3n6-yj6t-y7eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31900?format=api", "vulnerability_id": "VCID-nush-2wsq-b3f5", "summary": "Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation\nKubernetes is vulnerable to privilege escalation when a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87974", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87958", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.8791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.8794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87951", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03694", "scoring_system": "epss", "scoring_elements": "0.87944", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3893" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes-csi/csi-proxy", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes-csi/csi-proxy" }, { "reference_url": "https://github.com/kubernetes-csi/csi-proxy/commit/0e83a68159111e4ee510f5aa56d47ba97bda60c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes-csi/csi-proxy/commit/0e83a68159111e4ee510f5aa56d47ba97bda60c7" }, { "reference_url": "https://github.com/kubernetes-csi/csi-proxy/commit/2523e6674dedf3de27f84235efec28555da24664", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes-csi/csi-proxy/commit/2523e6674dedf3de27f84235efec28555da24664" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/119594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/119594" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3893", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3893" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231221-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231221-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227129", "reference_id": "2227129", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227129" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3893", "GHSA-r6cc-7wj7-gfx2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nush-2wsq-b3f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53108?format=api", "vulnerability_id": "VCID-ny1b-eq77-fuhw", "summary": "Server Side Request Forgery (SSRF) in Kubernetes\nThe Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92446", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92429", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92407", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.92396", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0861", "scoring_system": "epss", "scoring_elements": "0.9244", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/91542", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/91542" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/89794", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/89794" }, { "reference_url": "https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8555", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8555" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200724-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200724-0005" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/06/01/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2020/06/01/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821583", "reference_id": "1821583", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2440", "reference_id": "RHSA-2020:2440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2441", "reference_id": "RHSA-2020:2441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2448", "reference_id": "RHSA-2020:2448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2449", "reference_id": "RHSA-2020:2449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2479", "reference_id": "RHSA-2020:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2594", "reference_id": "RHSA-2020:2594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2594" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926515?format=api", "purl": "pkg:deb/debian/kubernetes@1.18.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8555", "GHSA-x6mj-w4jf-jmgw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ny1b-eq77-fuhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12737?format=api", "vulnerability_id": "VCID-pjvk-1xxm-87d8", "summary": "Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin\nA security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91066", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91053", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.9105", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91052", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91019", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.90981", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.90991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06395", "scoring_system": "epss", "scoring_elements": "0.91001", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-pxhw-596r-rwq5", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pxhw-596r-rwq5" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/124336", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/124336" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3177", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3177" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2746", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2746" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/16/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/16/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274118", "reference_id": "2274118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0043", "reference_id": "RHSA-2024:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2054", "reference_id": "RHSA-2024:2054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2054" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-3177", "GHSA-pxhw-596r-rwq5" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pjvk-1xxm-87d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29529?format=api", "vulnerability_id": "VCID-ppcs-yxcf-57at", "summary": "Kubernetes kube-apiserver Vulnerable to Race Condition\nA security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04921", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04812", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7598" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/126587", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T18:40:30Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/126587" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T18:40:30Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7598", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7598" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/03/20/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/03/20/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353913", "reference_id": "2353913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353913" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7598", "GHSA-r56h-j38w-hrqq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcs-yxcf-57at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32205?format=api", "vulnerability_id": "VCID-pqb1-j3ad-efam", "summary": "kube-apiserver vulnerable to policy bypass\nUsers may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40799", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40984", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41009", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4097", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4101", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40991", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/118640", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/118640" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118356", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118356" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118471", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118471" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118473", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118473" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118474", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118474" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/118512", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/118512" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2727", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2727" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230803-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230803-0004" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/06/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/07/06/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211322", "reference_id": "2211322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211322" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230803-0004/", "reference_id": "ntap-20230803-0004", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230803-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5009", "reference_id": "RHSA-2023:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2727", "GHSA-qc2g-gmh6-95p4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pqb1-j3ad-efam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52908?format=api", "vulnerability_id": "VCID-ptve-3k7k-cqcm", "summary": "Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes\nThe Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69969", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69824", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69836", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69851", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69915", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.699", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69927", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69936", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/9802bfcec0580169cffce2a3d468689a407fa7dc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/9802bfcec0580169cffce2a3d468689a407fa7dc" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/89377", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/89377" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/87913", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/87913" }, { "reference_url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s" }, { "reference_url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8551", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8551" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200413-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200413-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816403", "reference_id": "1816403", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816403" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1276", "reference_id": "RHSA-2020:1276", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1277", "reference_id": "RHSA-2020:1277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1277" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8551", "GHSA-qhm4-jxv7-j9pq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptve-3k7k-cqcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53039?format=api", "vulnerability_id": "VCID-qpg5-h1k8-yydt", "summary": "Directory Traversal in Kubernetes\nDirectory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1945", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1945" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5305.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5305.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2015-5305", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2015-5305" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51775", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51724", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51712", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51761", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51781", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51673", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51636", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51728", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5305" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/37f730f68c7f06e060f90714439bfb0dbb2df5e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/37f730f68c7f06e060f90714439bfb0dbb2df5e7" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/68f2add9bd5d43b9da1424d87d88f83d120e17d0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/68f2add9bd5d43b9da1424d87d88f83d120e17d0" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/16381", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/16381" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5305", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5305" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0701", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0701" }, { "reference_url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5305", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5305" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5305", "GHSA-jp32-vmm6-3vf5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpg5-h1k8-yydt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32190?format=api", "vulnerability_id": "VCID-qxw4-2hry-uuf4", "summary": "Kubernetes Improper Input Validation vulnerability\nA security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95259", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95257", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95254", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95246", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95237", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95226", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.95222", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18507", "scoring_system": "epss", "scoring_elements": "0.9522", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5528" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/121879", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/121879" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121881", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121881" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121882", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121882" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121883", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121883" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121884", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121884" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121885", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121885" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5528", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5528" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240119-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240119-0009" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247163", "reference_id": "2247163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247163" }, { "reference_url": "https://security.gentoo.org/glsa/202405-31", "reference_id": "GLSA-202405-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-31" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7662", "reference_id": "RHSA-2023:7662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7709", "reference_id": "RHSA-2023:7709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7710", "reference_id": "RHSA-2023:7710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0954", "reference_id": "RHSA-2024:0954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1203", "reference_id": "RHSA-2024:1203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1203" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5528", "GHSA-hq6q-c2x6-hmch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxw4-2hry-uuf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59088?format=api", "vulnerability_id": "VCID-rwt5-ctc9-tba1", "summary": "Kubernetes client-go library logs may disclose credentials to unauthorized users\nThe Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4052", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4087", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4087" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11250.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11250.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74222", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74227", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74207", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74179", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74174", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74296", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.74262", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.7427", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0081", "scoring_system": "epss", "scoring_elements": "0.7426", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11250" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/81114", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/81114" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/81330", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/81330" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11250", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:N/A:N" }, { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11250" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2021-0065", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2021-0065" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/10/16/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2020/10/16/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740434", "reference_id": "1740434", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740434" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934801", "reference_id": "934801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934801" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.3:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.3:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.3:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11250", "GHSA-jmrx-5g74-6v2f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rwt5-ctc9-tba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79022?format=api", "vulnerability_id": "VCID-srhm-91w1-k3h7", "summary": "kubelet: runAsNonRoot logic bypass for Windows containers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11474", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11601", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11478", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.114", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11523", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11447", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11592", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11602", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11566", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1154", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25749" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127808", "reference_id": "2127808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127808" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/qqTZgulISzA", "reference_id": "qqTZgulISzA", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-16T21:21:04Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/qqTZgulISzA" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9096", "reference_id": "RHSA-2022:9096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9096" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25749" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-srhm-91w1-k3h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84860?format=api", "vulnerability_id": "VCID-su6u-whda-fkdw", "summary": "3: API server does not validate client-provided intermediate certificates correctly", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7075.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7075.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7075", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50868", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50888", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50895", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50844", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7075" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7075", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7075" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384112", "reference_id": "1384112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384112" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795652", "reference_id": "795652", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2064", "reference_id": "RHSA-2016:2064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2064" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926510?format=api", "purl": "pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.5.5%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7075" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-su6u-whda-fkdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29519?format=api", "vulnerability_id": "VCID-sur2-ewj3-8bgx", "summary": "Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API\nA security vulnerability has been discovered in Kubernetes windows nodes that could allow a user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host. This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9042.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57063", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57154", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57172", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57107", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57108", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57158", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57832", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9042" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/45f4ccc2153bbb782253704cbe24c05e22b5d60c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/45f4ccc2153bbb782253704cbe24c05e22b5d60c" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/5fe148234f8ab1184f26069c4f7bef6c37efe347", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/5fe148234f8ab1184f26069c4f7bef6c37efe347" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/75c83a6871dc030675288c6d63c275a43c2f0d55", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/75c83a6871dc030675288c6d63c275a43c2f0d55" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/fb0187c2bf7061258bb89891edb1237261eb7abc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/fb0187c2bf7061258bb89891edb1237261eb7abc" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/129654", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:24:29Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/129654" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:24:29Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9042", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9042" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/01/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/01/16/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337297", "reference_id": "2337297", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8704", "reference_id": "RHSA-2025:8704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9136", "reference_id": "RHSA-2025:9136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9136" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-9042", "GHSA-vv39-3w5q-974q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sur2-ewj3-8bgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52932?format=api", "vulnerability_id": "VCID-tc46-9vdm-xudz", "summary": "Improper Authentication in Kubernetes\nA security issue was discovered in the Kubelet and kube-proxy components of Kubernetes which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. For example, if a cluster administrator runs a TCP service on a node that listens on 127.0.0.1:1234, because of this bug, that service would be potentially reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. If the example service on port 1234 required no additional authentication (because it assumed that only other localhost processes could reach it), then it could be vulnerable to attacks that make use of this bug.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8558.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8558.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95456", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95493", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95492", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.9549", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95476", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.9551", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95506", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.20149", "scoring_system": "epss", "scoring_elements": "0.95501", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8558" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/92315", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/92315" }, { "reference_url": "https://github.com/tabbysable/POC-2020-8558", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tabbysable/POC-2020-8558" }, { "reference_url": "https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE" }, { "reference_url": "https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200821-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200821-0001" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2020/07/08/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2020/07/08/1" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2413", "reference_id": "RHSA-2020:2413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2926", "reference_id": "RHSA-2020:2926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2927", "reference_id": "RHSA-2020:2927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2992", "reference_id": "RHSA-2020:2992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3183", "reference_id": "RHSA-2020:3183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3184", "reference_id": "RHSA-2020:3184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3184" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926516?format=api", "purl": "pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8558", "GHSA-wqv3-8cm6-h6wg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tc46-9vdm-xudz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12685?format=api", "vulnerability_id": "VCID-u8h6-kbws-8fbp", "summary": "Sensitive Information leak via Log File in Kubernetes\nIn Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8563.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8563.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22436", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.2264", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22684", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22723", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22705", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.2257", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22787", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22743", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8563" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886635", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886635" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/95621", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/95621" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/95236", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/95236" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96" }, { "reference_url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8563", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8563" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5260", "reference_id": "RHSA-2020:5260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5633", "reference_id": "RHSA-2020:5633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5633" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8563", "GHSA-5xfg-wv98-264m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8h6-kbws-8fbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29990?format=api", "vulnerability_id": "VCID-uamg-zw29-yqgq", "summary": "kubernetes allows nodes to bypass dynamic resource allocation authorization checks\nA vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4563.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4563.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10287", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11216", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11368", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29621", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29701", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4563" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4563", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4563" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/132151", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:57:05Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/132151" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/131844", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/131844" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/131875", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/131875" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/131876", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/131876" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:57:05Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4563", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4563" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3774", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3774" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373839", "reference_id": "2373839", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373839" }, { "reference_url": "https://security.archlinux.org/AVG-2904", "reference_id": "AVG-2904", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2904" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4563", "GHSA-hj2p-8wj8-pfq4" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uamg-zw29-yqgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29180?format=api", "vulnerability_id": "VCID-uge5-g4vw-n7de", "summary": "Kubernetes GitRepo Volume Inadvertent Local Repository Access\nA security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28661", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28606", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2863", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48222", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48203", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1767" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/130786", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:21:24Z/" } ], "url": "https://github.com/kubernetes/kubernetes/pull/130786" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:21:24Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1767", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1767" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/03/13/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351269", "reference_id": "2351269", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351269" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-1767", "GHSA-3wgm-2gw2-vh5m" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uge5-g4vw-n7de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53078?format=api", "vulnerability_id": "VCID-vctf-a4t5-q7a2", "summary": "Unverified Ownership in Kubernetes\nKubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8554.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8554.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.96146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.96163", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.96159", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.9615", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.96148", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.24784", "scoring_system": "epss", "scoring_elements": "0.96142", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96157", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96208", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96209", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.25265", "scoring_system": "epss", "scoring_elements": "0.96172", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8554" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/97076", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/97076" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/97110", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/97110" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8" }, { "reference_url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8554", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8554" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891051", "reference_id": "1891051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891051" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793", "reference_id": "990793", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0079", "reference_id": "RHSA-2021:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0079" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926514?format=api", "purl": "pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.31.4%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8554", "GHSA-j9wf-vvm6-4r9w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vctf-a4t5-q7a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52976?format=api", "vulnerability_id": "VCID-vj7p-66bc-7yam", "summary": "Symlink Attack in kubectl cp\nThe kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0619", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0619" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0620", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0620" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0636", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0636" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002101.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2019-1002101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2019-1002101" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97759", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97765", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97783", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97789", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97792", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.9779", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.9778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97777", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97774", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97769", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.49274", "scoring_system": "epss", "scoring_elements": "0.97767", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1002101" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/47063891dd782835170f500a83f37cc98c3c1013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/47063891dd782835170f500a83f37cc98c3c1013" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/75037", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/75037" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1002101" }, { "reference_url": "https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101" }, { "reference_url": "https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/21/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/08/05/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2019/08/05/5" }, { "reference_url": "http://www.securityfocus.com/bid/107652", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/107652" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685213", "reference_id": "1685213", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685213" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1002101", "GHSA-34jx-wx69-9x8v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vj7p-66bc-7yam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53009?format=api", "vulnerability_id": "VCID-vu3k-upyc-x7av", "summary": "Potential proxy IP restriction bypass in Kubernetes\nAs mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation Kubernetes does a DNS name resolution check and validates that response IPs are not in the link-local (169.254.0.0/16) or localhost (127.0.0.0/8) range. Kubernetes then performs a second DNS resolution without validation for the actual connection. If a non-standard DNS server returns different non-cached responses, a user may be able to bypass the proxy IP restriction and access private networks on the control plane. All versions of Kubernetes are impacted, and there is no fix in place.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8562.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8562.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1773", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17784", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17775", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17833", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17882", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17762", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18008", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18062", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8562" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/101493", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/101493" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/101493#issuecomment-2272095629", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/101493#issuecomment-2272095629" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/-MFX60_wdOY", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/-MFX60_wdOY" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8562", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8562" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220225-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220225-0002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954914", "reference_id": "1954914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954914" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793", "reference_id": "990793", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793" }, { "reference_url": "https://security.archlinux.org/AVG-1915", "reference_id": "AVG-1915", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1915" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8562", "GHSA-qh36-44jv-c8xj" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vu3k-upyc-x7av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30489?format=api", "vulnerability_id": "VCID-w9b7-vajk-3kdq", "summary": "Kube-proxy may unintentionally forward traffic\nKube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters \nwhere the LoadBalancer controller sets the `status.loadBalancer.ingress[].ip` field are unaffected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23573", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23684", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23706", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23716", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23806", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23744", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23674", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23887", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23729", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25736" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/b014610de3e5cf1bb0f7844b5758d29fc18b75e6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/b014610de3e5cf1bb0f7844b5758d29fc18b75e6" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/99958", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/" } ], "url": "https://github.com/kubernetes/kubernetes/pull/99958" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25736", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25736" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231221-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231221-0003" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946538", "reference_id": "1946538", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946538" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231221-0003/", "reference_id": "ntap-20231221-0003", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231221-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2130", "reference_id": "RHSA-2021:2130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2130" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25736", "GHSA-35c7-w35f-xwgh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w9b7-vajk-3kdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12616?format=api", "vulnerability_id": "VCID-wpwc-fkd7-qugm", "summary": "Denial of service in Kubernetes\nThe Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.2939", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29503", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29574", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29555", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29678", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29652", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8557" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-55qj-gj3x-jq9r", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-55qj-gj3x-jq9r" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/93032", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/93032" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/92921", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/92921" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8557", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8557" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2753", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2753" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200821-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200821-0002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835977", "reference_id": "1835977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3519", "reference_id": "RHSA-2020:3519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3520", "reference_id": "RHSA-2020:3520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3579", "reference_id": "RHSA-2020:3579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3580", "reference_id": "RHSA-2020:3580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3808", "reference_id": "RHSA-2020:3808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3809", "reference_id": "RHSA-2020:3809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3915", "reference_id": "RHSA-2021:3915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3915" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926516?format=api", "purl": "pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8557", "GHSA-55qj-gj3x-jq9r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpwc-fkd7-qugm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28201?format=api", "vulnerability_id": "VCID-wr54-j3ky-abfa", "summary": "Kubernetes Nodes can delete themselves by adding an OwnerReference\nA vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5187.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06944", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08765", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08874", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08908", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08891", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0874", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08892", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08814", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08834", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/a2d98cac56a0c5cb2d8abc4d087fc00846b3bc0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/a2d98cac56a0c5cb2d8abc4d087fc00846b3bc0f" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/133471", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:27Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/133471" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/znSNY7XCztE", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:27Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/znSNY7XCztE" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5187", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375801", "reference_id": "2375801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375801" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5187", "GHSA-4x4m-3c2p-qppc" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr54-j3ky-abfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81782?format=api", "vulnerability_id": "VCID-x5e9-nj8f-aye9", "summary": "kubernetes: improper validation of URL redirection in the Kubernetes API server allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002102.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42892", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42927", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42977", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.4299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.4296", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.4302", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43008", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42945", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42868", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002102" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784602", "reference_id": "1784602", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5363", "reference_id": "RHSA-2020:5363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5363" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1002102" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5e9-nj8f-aye9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82294?format=api", "vulnerability_id": "VCID-xcss-tfeh-w7a6", "summary": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:2794" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:2816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:2816" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:2824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:2824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3811" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11249.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11249.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86187", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86152", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86169", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86175", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86166", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86097", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86112", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86131", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02819", "scoring_system": "epss", "scoring_elements": "0.86156", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11249" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/80984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/kubernetes/kubernetes/issues/80984" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737651", "reference_id": "1737651", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737651" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249", "reference_id": "CVE-2019-11249", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11249" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcss-tfeh-w7a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13281?format=api", "vulnerability_id": "VCID-xw76-5x4h-y3az", "summary": "Sensitive Information leak via Log File in Kubernetes\nIn Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8566.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8566.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2557", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25623", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25648", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25663", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25721", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25761", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25704", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25748", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2582", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8566" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886640", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8566" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/95624", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/95624" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/95245", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/95245" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea" }, { "reference_url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8566", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8566" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341", "reference_id": "972341", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0037", "reference_id": "RHSA-2021:0037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0037" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926517?format=api", "purl": "pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.19.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8566", "GHSA-5x96-j797-5qqw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xw76-5x4h-y3az" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54684?format=api", "vulnerability_id": "VCID-zb2s-uwse-zfdf", "summary": "Kubernetes kube-apiserver unauthorized access\nThe Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:2816", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:2816" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:2824", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:2824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2690", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2769", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2769" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11247.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51506", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59586", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59627", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59637", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59651", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59667", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59674", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59658", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11247" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/kubernetes/apiextensions-apiserver", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/apiextensions-apiserver" }, { "reference_url": "https://github.com/kubernetes/apiextensions-apiserver/commit/b9b7d2b3f32f8edbeb47b8726710eeb868bce196", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/apiextensions-apiserver/commit/b9b7d2b3f32f8edbeb47b8726710eeb868bce196" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/80983", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/80983" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/80750", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/80750" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/80850", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/80850" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/80851", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/80851" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/80852", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/pull/80852" }, { "reference_url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11247", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" }, { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11247" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190919-0003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732192", "reference_id": "1732192", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732192" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933988", "reference_id": "933988", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933988" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2504", "reference_id": "RHSA-2019:2504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2504" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926512?format=api", "purl": "pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11247", "GHSA-fp37-c92q-4pwq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb2s-uwse-zfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17606?format=api", "vulnerability_id": "VCID-zexe-7ywv-cbcf", "summary": "Kubernetes sets incorrect permissions on Windows containers logs\nA security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\\Users may be able to read container logs and NT AUTHORITY\\Authenticated Users may be able to modify container logs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21432", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21579", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.217", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21688", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21553", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21747", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5321" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/126161", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:30:40Z/" } ], "url": "https://github.com/kubernetes/kubernetes/issues/126161" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:30:40Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5321", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298752", "reference_id": "2298752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6460", "reference_id": "RHSA-2024:6460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6461", "reference_id": "RHSA-2024:6461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6734", "reference_id": "RHSA-2024:6734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6734" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926506?format=api", "purl": "pkg:deb/debian/kubernetes@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-5321", "GHSA-82m2-cv7p-4m75" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zexe-7ywv-cbcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55072?format=api", "vulnerability_id": "VCID-zfkg-9qsx-83f1", "summary": "Kubernetes arbitrary file overwrite\nIn Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0475", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0475" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002102.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65506", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65497", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65456", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65493", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65504", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65374", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65423", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.6545", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65414", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65478", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1002102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002102" }, { "reference_url": "https://github.com/kubernetes/kubernetes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/60814", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/60814" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1002102", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1002102" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551818", "reference_id": "1551818", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551818" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894051", "reference_id": "894051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894051" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926511?format=api", "purl": "pkg:deb/debian/kubernetes@1.7.16%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.7.16%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926507?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-42kp-8t9h-dfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926505?format=api", "purl": "pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926509?format=api", "purl": "pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926508?format=api", "purl": "pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1002102", "GHSA-mm7g-f2gg-cw8g" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zfkg-9qsx-83f1" } ], "risk_score": "1.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie" }