Package Instance

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634

reference_url

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634

reference_url

https://github.com/kubernetes/kubernetes/issues/95622

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95622

reference_url

https://github.com/kubernetes/kubernetes/pull/94712

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/94712

reference_url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8564

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8564

reference_url

https://pkg.go.dev/vuln/GO-2021-0066

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2021-0066

reference_url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1886637
reference_id	1886637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1886637

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341
reference_id	972341
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341

reference_url	https://access.redhat.com/errata/RHSA-2020:4297
reference_id	RHSA-2020:4297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4297

reference_url	https://access.redhat.com/errata/RHSA-2020:5259
reference_id	RHSA-2020:5259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5259

reference_url	https://access.redhat.com/errata/RHSA-2020:5359
reference_id	RHSA-2020:5359
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5359

reference_url	https://access.redhat.com/errata/RHSA-2021:0171
reference_id	RHSA-2021:0171
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0171

reference_url	https://access.redhat.com/errata/RHSA-2021:0172
reference_id	RHSA-2021:0172
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0172

reference_url	https://access.redhat.com/errata/RHSA-2021:0281
reference_id	RHSA-2021:0281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0281

reference_url	https://access.redhat.com/errata/RHSA-2021:3193
reference_id	RHSA-2021:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3193

fixed_packages

url	pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.19.3-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8564, GHSA-8mjg-8c8g-6h85

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17m6-nd3p-dybh

url VCID-2cbk-c4k3-kyc8

vulnerability_id VCID-2cbk-c4k3-kyc8

summary

Privilege Escalation in Kubernetes
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.7 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8559

reference_id

reference_type

scores

value	0.51201
scoring_system	epss
scoring_elements	0.97889
published_at	2026-04-18T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97887
published_at	2026-04-21T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.9788
published_at	2026-04-13T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97879
published_at	2026-04-12T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97878
published_at	2026-04-11T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97875
published_at	2026-04-09T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97857
published_at	2026-04-01T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97872
published_at	2026-04-08T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97868
published_at	2026-04-07T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97864
published_at	2026-04-04T12:55:00Z

value	0.51201
scoring_system	epss
scoring_elements	0.97863
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8559

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1851422

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1851422

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8559
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8559

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/92914

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/92914

reference_url

https://github.com/kubernetes/kubernetes/pull/92941

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/92941

reference_url

https://github.com/tdwyer/CVE-2020-8559

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tdwyer/CVE-2020-8559

reference_url

https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8559

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8559

reference_url

https://security.netapp.com/advisory/ntap-20200810-0004

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200810-0004

reference_url	https://access.redhat.com/errata/RHSA-2020:4298
reference_id	RHSA-2020:4298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4298

reference_url	https://access.redhat.com/errata/RHSA-2020:5194
reference_id	RHSA-2020:5194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5194

reference_url	https://access.redhat.com/errata/RHSA-2020:5363
reference_id	RHSA-2020:5363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5363

reference_url	https://access.redhat.com/errata/RHSA-2021:0030
reference_id	RHSA-2021:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0030

reference_url	https://access.redhat.com/errata/RHSA-2021:0281
reference_id	RHSA-2021:0281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0281

fixed_packages

url	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8559, GHSA-33c5-9fx5-fvjm

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cbk-c4k3-kyc8

url VCID-2ej9-nn86-7bet

vulnerability_id VCID-2ej9-nn86-7bet

summary

Kubernetes kubectl cp Vulnerable to Symlink Attack
The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11251.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11251.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11251

reference_id

reference_type

scores

value	0.03448
scoring_system	epss
scoring_elements	0.87523
published_at	2026-04-18T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87521
published_at	2026-04-21T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87506
published_at	2026-04-13T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.8751
published_at	2026-04-12T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87514
published_at	2026-04-11T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87503
published_at	2026-04-09T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87496
published_at	2026-04-08T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87452
published_at	2026-04-01T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87477
published_at	2026-04-07T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87476
published_at	2026-04-04T12:55:00Z

value	0.03448
scoring_system	epss
scoring_elements	0.87462
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11251

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/kubernetes/issues/87773

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/87773

reference_url

https://github.com/kubernetes/kubernetes/pull/82143

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/82143

reference_url

https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11251

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11251

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1753495
reference_id	1753495
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1753495

reference_url	https://access.redhat.com/errata/RHSA-2019:3266
reference_id	RHSA-2019:3266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3266

reference_url	https://access.redhat.com/errata/RHSA-2019:3267
reference_id	RHSA-2019:3267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3267

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11251, GHSA-6qfg-8799-r575

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ej9-nn86-7bet

url VCID-35gz-1zjh-2qan

vulnerability_id VCID-35gz-1zjh-2qan

summary

Kubernetes DoS Vulnerability
In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.

references

reference_url

https://access.redhat.com/errata/RHSA-2019:1851

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:1851

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002100.json

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002100.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1002100

reference_id

reference_type

scores

value	0.04868
scoring_system	epss
scoring_elements	0.89567
published_at	2026-04-21T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89517
published_at	2026-04-01T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89521
published_at	2026-04-02T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89533
published_at	2026-04-04T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89534
published_at	2026-04-07T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.8955
published_at	2026-04-08T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89554
published_at	2026-04-09T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89562
published_at	2026-04-11T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89561
published_at	2026-04-12T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89555
published_at	2026-04-13T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.89568
published_at	2026-04-16T12:55:00Z

value	0.04868
scoring_system	epss
scoring_elements	0.8957
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1002100

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1002100
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1002100

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/74534

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/74534

reference_url	https://groups.google.com/forum/#%21topic/kubernetes-announce/vmUUNkYfG9g
reference_id
reference_type
scores
url	https://groups.google.com/forum/#%21topic/kubernetes-announce/vmUUNkYfG9g

reference_url

https://groups.google.com/forum/#!topic/kubernetes-announce/vmUUNkYfG9g

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/kubernetes-announce/vmUUNkYfG9g

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-1002100

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-1002100

reference_url

https://security.netapp.com/advisory/ntap-20190416-0002

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190416-0002

reference_url	https://security.netapp.com/advisory/ntap-20190416-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190416-0002/

reference_url

https://web.archive.org/web/20210125011246/https://www.securityfocus.com/bid/107290

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210125011246/https://www.securityfocus.com/bid/107290

reference_url	http://www.securityfocus.com/bid/107290
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107290

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1683190
reference_id	1683190
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1683190

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923686
reference_id	923686
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923686

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-1002100, GHSA-q4rr-64r9-fwgf

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35gz-1zjh-2qan

url VCID-3m8h-88sb-f7hk

vulnerability_id VCID-3m8h-88sb-f7hk

summary

Privilege Escalation in Kubernetes
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.

references

reference_url

https://access.redhat.com/errata/RHSA-2018:3537

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3537

reference_url

https://access.redhat.com/errata/RHSA-2018:3549

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3549

reference_url

https://access.redhat.com/errata/RHSA-2018:3551

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3551

reference_url

https://access.redhat.com/errata/RHSA-2018:3598

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3598

reference_url

https://access.redhat.com/errata/RHSA-2018:3624

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3624

reference_url

https://access.redhat.com/errata/RHSA-2018:3742

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3742

reference_url

https://access.redhat.com/errata/RHSA-2018:3752

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3752

reference_url

https://access.redhat.com/errata/RHSA-2018:3754

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3754

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002105

reference_id

reference_type

scores

value	0.90349
scoring_system	epss
scoring_elements	0.99605
published_at	2026-04-21T12:55:00Z

value	0.90698
scoring_system	epss
scoring_elements	0.99622
published_at	2026-04-16T12:55:00Z

value	0.90698
scoring_system	epss
scoring_elements	0.99619
published_at	2026-04-02T12:55:00Z

value	0.90698
scoring_system	epss
scoring_elements	0.9962
published_at	2026-04-07T12:55:00Z

value	0.90698
scoring_system	epss
scoring_elements	0.99621
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002105

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/evict/poc_CVE-2018-1002105

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/evict/poc_CVE-2018-1002105

reference_url

https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905

reference_url

https://github.com/kubernetes/kubernetes/issues/71411

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/71411

reference_url

https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88

reference_url

https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002105

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002105

reference_url

https://security.netapp.com/advisory/ntap-20190416-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190416-0001

reference_url

https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do

reference_url

https://www.exploit-db.com/exploits/46052

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/46052

reference_url

https://www.exploit-db.com/exploits/46053

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/46053

reference_url

https://www.openwall.com/lists/oss-security/2019/06/28/2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2019/06/28/2

reference_url

https://www.openwall.com/lists/oss-security/2019/07/06/3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2019/07/06/3

reference_url

https://www.openwall.com/lists/oss-security/2019/07/06/4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2019/07/06/4

reference_url

https://www.securityfocus.com/bid/106068

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.securityfocus.com/bid/106068

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1648138
reference_id	1648138
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1648138

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828
reference_id	915828
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828

reference_url	https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py
reference_id	CVE-2018-1002105
reference_type	exploit
scores
url	https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py

reference_url	https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py
reference_id	CVE-2018-1002105
reference_type	exploit
scores
url	https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py
reference_id	CVE-2018-1002105
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py
reference_id	CVE-2018-1002105
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2018-1002105, GHSA-579h-mv94-g4gp

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3m8h-88sb-f7hk

url VCID-3rmn-ytr3-6yet

vulnerability_id VCID-3rmn-ytr3-6yet

summary

Kubernetes privilege escalation vulnerability
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3676.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3676.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3676

reference_id

reference_type

scores

value	0.40738
scoring_system	epss
scoring_elements	0.9738
published_at	2026-04-21T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97379
published_at	2026-04-18T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97376
published_at	2026-04-16T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97368
published_at	2026-04-13T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97367
published_at	2026-04-12T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97356
published_at	2026-04-04T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97352
published_at	2026-04-02T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97364
published_at	2026-04-09T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97363
published_at	2026-04-08T12:55:00Z

value	0.40738
scoring_system	epss
scoring_elements	0.97357
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3676

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/073f9ea33a93ddaecdc2e829150fb715f6387399

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/073f9ea33a93ddaecdc2e829150fb715f6387399

reference_url

https://github.com/kubernetes/kubernetes/commit/39cc101c7855341c651a943b9836b50fbace8a6b

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/39cc101c7855341c651a943b9836b50fbace8a6b

reference_url

https://github.com/kubernetes/kubernetes/commit/74b617310c24ca84c2ec90c3858af745d65b5226

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/74b617310c24ca84c2ec90c3858af745d65b5226

reference_url

https://github.com/kubernetes/kubernetes/commit/890483394221c8f22e88c48f86cd4eaf4de65fd6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/890483394221c8f22e88c48f86cd4eaf4de65fd6

reference_url

https://github.com/kubernetes/kubernetes/commit/a53faf5e17ed0b0771a605c6401ba4cbf297b59a

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/a53faf5e17ed0b0771a605c6401ba4cbf297b59a

reference_url

https://github.com/kubernetes/kubernetes/issues/119339

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/

url

https://github.com/kubernetes/kubernetes/issues/119339

reference_url

https://github.com/kubernetes/kubernetes/pull/120127

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120127

reference_url

https://github.com/kubernetes/kubernetes/pull/120129

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120129

reference_url

https://github.com/kubernetes/kubernetes/pull/120130

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120130

reference_url

https://github.com/kubernetes/kubernetes/pull/120131

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120131

reference_url

https://github.com/kubernetes/kubernetes/pull/120132

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120132

reference_url

https://github.com/kubernetes/kubernetes/pull/120133

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120133

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-3676

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-3676

reference_url

https://security.netapp.com/advisory/ntap-20231130-0007

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231130-0007

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2227126
reference_id	2227126
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2227126

reference_url

https://security.netapp.com/advisory/ntap-20231130-0007/

reference_id

ntap-20231130-0007

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:36Z/

url

https://security.netapp.com/advisory/ntap-20231130-0007/

reference_url	https://access.redhat.com/errata/RHSA-2023:4777
reference_id	RHSA-2023:4777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4777

reference_url	https://access.redhat.com/errata/RHSA-2023:4780
reference_id	RHSA-2023:4780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4780

reference_url	https://access.redhat.com/errata/RHSA-2023:4835
reference_id	RHSA-2023:4835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4835

reference_url	https://access.redhat.com/errata/RHSA-2023:4885
reference_id	RHSA-2023:4885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4885

reference_url	https://access.redhat.com/errata/RHSA-2023:7515
reference_id	RHSA-2023:7515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7515

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-3676, GHSA-7fxm-f474-hf8w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rmn-ytr3-6yet

url VCID-42kp-8t9h-dfat

vulnerability_id VCID-42kp-8t9h-dfat

summary

kubectl ANSI escape characters not filtered
kubectl (k8s.io/kubernetes/pkg/kubectl) does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25743.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25743.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25743

reference_id

reference_type

scores

value	0.00279
scoring_system	epss
scoring_elements	0.51351
published_at	2026-04-21T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51224
published_at	2026-04-01T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51276
published_at	2026-04-02T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51301
published_at	2026-04-04T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51261
published_at	2026-04-07T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51316
published_at	2026-04-08T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51313
published_at	2026-04-09T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51356
published_at	2026-04-11T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51336
published_at	2026-04-12T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51322
published_at	2026-04-13T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51364
published_at	2026-04-16T12:55:00Z

value	0.00279
scoring_system	epss
scoring_elements	0.51372
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25743

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/dad0e937c0f76344363eb691b2668490ffef8537

reference_url

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/dad0e937c0f76344363eb691b2668490ffef8537

reference_url

https://github.com/kubernetes/kubernetes/issues/101695

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/101695

reference_url

https://github.com/kubernetes/kubernetes/pull/112553

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/112553

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25743

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25743

reference_url

https://security.netapp.com/advisory/ntap-20220217-0003

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220217-0003

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016441
reference_id	1016441
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016441

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2042418
reference_id	2042418
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2042418

fixed_packages

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.31.4%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25743, GHSA-f9jg-8p32-2f55

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42kp-8t9h-dfat

url VCID-4gu9-2w32-xfcu

vulnerability_id VCID-4gu9-2w32-xfcu

summary

kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClass
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13281.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13281.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-13281

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.01922
published_at	2026-04-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01952
published_at	2026-04-09T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01937
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01938
published_at	2026-04-08T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01925
published_at	2026-04-02T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01916
published_at	2026-04-13T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02469
published_at	2026-04-18T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02463
published_at	2026-04-16T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02575
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-13281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13281

reference_url

https://github.com/advisories/GHSA-r6j8-c6r2-37rr

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-r6j8-c6r2-37rr

reference_url

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7506ce804c20696ba32cdb72126270ceaed06e24

reference_url

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7506ce804c20696ba32cdb72126270ceaed06e24

reference_url

https://github.com/kubernetes/kubernetes/commit/97650c1c4fe15cbb7756ba95b3edc8a8665063ca

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/97650c1c4fe15cbb7756ba95b3edc8a8665063ca

reference_url

https://github.com/kubernetes/kubernetes/commit/dbe17dfe7773563eac95534040f413ada6d2b421

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/dbe17dfe7773563eac95534040f413ada6d2b421

reference_url

https://github.com/kubernetes/kubernetes/issues/135525

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T16:26:52Z/

url

https://github.com/kubernetes/kubernetes/issues/135525

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/EORqZg0k1l4/m/TtD-q0v7AgAJ

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T16:26:52Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/EORqZg0k1l4/m/TtD-q0v7AgAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-13281

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-13281

reference_url

http://www.openwall.com/lists/oss-security/2025/12/01/4

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/12/01/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2422109
reference_id	2422109
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2422109

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2025-13281, GHSA-r6j8-c6r2-37rr

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4gu9-2w32-xfcu

url VCID-4jze-ndvq-nqhn

vulnerability_id VCID-4jze-ndvq-nqhn

summary

Kubernetes Privilege Escalation
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000056.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000056.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000056

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49013
published_at	2026-04-18T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48967
published_at	2026-04-04T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48921
published_at	2026-04-07T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48975
published_at	2026-04-21T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48972
published_at	2026-04-09T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48989
published_at	2026-04-11T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48963
published_at	2026-04-12T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.4897
published_at	2026-04-13T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.49017
published_at	2026-04-16T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48904
published_at	2026-04-01T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48941
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000056

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5e

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5e

reference_url

https://github.com/kubernetes/kubernetes/issues/43459

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/43459

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000056

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1486336
reference_id	1486336
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1486336

fixed_packages

url	pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.5.5%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2017-1000056, GHSA-2jx2-76rc-2v7v

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jze-ndvq-nqhn

url VCID-4qqj-251q-ykek

vulnerability_id VCID-4qqj-251q-ykek

summary

Confused Deputy in Kubernetes
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25740.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25740.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25740

reference_id

reference_type

scores

value	0.00519
scoring_system	epss
scoring_elements	0.66824
published_at	2026-04-21T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71717
published_at	2026-04-16T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71673
published_at	2026-04-13T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71692
published_at	2026-04-12T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71708
published_at	2026-04-11T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71685
published_at	2026-04-09T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71674
published_at	2026-04-08T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71644
published_at	2026-04-02T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71723
published_at	2026-04-18T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71634
published_at	2026-04-07T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71662
published_at	2026-04-04T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71637
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25740

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/103675

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/103675

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25740

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25740

reference_url

https://security.netapp.com/advisory/ntap-20211014-0001

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211014-0001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1982470
reference_id	1982470
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1982470

reference_url

reference_id

AVG-1915

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3942

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25740, GHSA-vw47-mr44-3jf9

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qqj-251q-ykek

url VCID-57ar-astn-b7eu

vulnerability_id VCID-57ar-astn-b7eu

summary

Kubernetes Unsafe Cacheing
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by `--cache-dir` (defaulting to `$HOME/.kube/http-cache`), written with world-writeable permissions (`rw-rw-rw-`). If `--cache-dir` is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation.

references

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3942

reference_url

https://access.redhat.com/errata/RHSA-2020:0020

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0020

reference_url

https://access.redhat.com/errata/RHSA-2020:0074

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0074

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11244.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11244.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11244

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.2677
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26614
published_at	2026-04-21T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26681
published_at	2026-04-16T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26672
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26729
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26782
published_at	2026-04-01T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26826
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26865
published_at	2026-04-04T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26651
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26719
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26774
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26654
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11244

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/client-go/commit/790a4f63632139cf6731014d00a9a8338f1fbd7d

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go/commit/790a4f63632139cf6731014d00a9a8338f1fbd7d

reference_url

https://github.com/kubernetes/kubernetes/issues/76676

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/76676

reference_url

https://github.com/kubernetes/kubernetes/pull/77874

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/77874

reference_url

https://github.com/kubernetes/kubernetes/pull/77874/commits/f228ae3364729caed59087e23c42868454bc3ff4

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/77874/commits/f228ae3364729caed59087e23c42868454bc3ff4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11244

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11244

reference_url

https://security.netapp.com/advisory/ntap-20190509-0002

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190509-0002

reference_url

http://www.securityfocus.com/bid/108064

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/108064

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1703209
reference_id	1703209
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1703209

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11244, GHSA-2575-pghm-6qqx

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57ar-astn-b7eu

url VCID-68f5-9mbb-syf5

vulnerability_id VCID-68f5-9mbb-syf5

summary kubernetes: Incorrect rule injection in CNI portmap plugin

references

reference_url	https://access.redhat.com/errata/RHBA-2019:0862
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0862

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9946.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9946.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9946

reference_id

reference_type

scores

value	0.00545
scoring_system	epss
scoring_elements	0.67707
published_at	2026-04-01T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67812
published_at	2026-04-21T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67782
published_at	2026-04-13T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67818
published_at	2026-04-16T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67831
published_at	2026-04-18T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.6774
published_at	2026-04-02T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.6776
published_at	2026-04-04T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67741
published_at	2026-04-07T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67792
published_at	2026-04-08T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67806
published_at	2026-04-09T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.6783
published_at	2026-04-11T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67816
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9946

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272
reference_id
reference_type
scores
url	https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCN66VYB3XS76SYH567SO7N3I254JOCT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCN66VYB3XS76SYH567SO7N3I254JOCT/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGOOWAELGH3F7OXRBPH3HCNZELNLXYTW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGOOWAELGH3F7OXRBPH3HCNZELNLXYTW/

reference_url	https://security.netapp.com/advisory/ntap-20190416-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190416-0002/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1692712
reference_id	1692712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1692712

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cncf:portmap::::::container_networking_interface::*
reference_id	cpe:2.3:a:cncf:portmap::::::container_networking_interface::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cncf:portmap::::::container_networking_interface::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_insights:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9946

reference_id

CVE-2019-9946

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9946

reference_url	https://access.redhat.com/errata/RHSA-2019:3403
reference_id	RHSA-2019:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3403

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-9946

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68f5-9mbb-syf5

url VCID-6nk9-wkwg-ukeh

vulnerability_id VCID-6nk9-wkwg-ukeh

summary

Information Exposure in Kubernetes
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2015-2615.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-2615.html

reference_url

https://access.redhat.com/errata/RHSA-2015:2544

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:2544

reference_url

https://access.redhat.com/errata/RHSA-2015:2615

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:2615

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7528.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7528.json

reference_url

https://access.redhat.com/security/cve/CVE-2015-7528

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2015-7528

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7528

reference_id

reference_type

scores

value	0.00366
scoring_system	epss
scoring_elements	0.58624
published_at	2026-04-11T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58608
published_at	2026-04-09T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58602
published_at	2026-04-08T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58559
published_at	2026-04-02T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58601
published_at	2026-04-21T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58623
published_at	2026-04-18T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58618
published_at	2026-04-16T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58585
published_at	2026-04-13T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58605
published_at	2026-04-12T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.5855
published_at	2026-04-07T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58579
published_at	2026-04-04T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58474
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7528

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1286745

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1286745

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/afd56495a1052a3387b81df1786a8d0f51bc8671

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/afd56495a1052a3387b81df1786a8d0f51bc8671

reference_url

https://github.com/kubernetes/kubernetes/pull/17886

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/17886

reference_url

https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5

reference_url

https://github.com/openshift/origin/pull/6113

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openshift/origin/pull/6113

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7528

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7528

reference_url

https://rhn.redhat.com/errata/RHSA-2015-2615.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2015-2615.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::alpha.4::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes::alpha.4::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::alpha.4::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0::::enterprise:::
reference_id	cpe:2.3:a:redhat:openshift:3.0::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1::::enterprise:::
reference_id	cpe:2.3:a:redhat:openshift:3.1::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1::::enterprise:::

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2015-7528, GHSA-mqf3-28j7-3mj6

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6nk9-wkwg-ukeh

url VCID-7359-arkb-zkg6

vulnerability_id VCID-7359-arkb-zkg6

summary

Kubernetes mountable secrets policy bypass
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2728.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-2728

reference_id

reference_type

scores

value	0.04853
scoring_system	epss
scoring_elements	0.89556
published_at	2026-04-18T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89554
published_at	2026-04-21T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89546
published_at	2026-04-12T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89548
published_at	2026-04-11T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89521
published_at	2026-04-07T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89509
published_at	2026-04-02T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89541
published_at	2026-04-13T12:55:00Z

value	0.04853
scoring_system	epss
scoring_elements	0.89537
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-2728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2728

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/118640

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/

url

https://github.com/kubernetes/kubernetes/issues/118640

reference_url

https://github.com/kubernetes/kubernetes/pull/118356

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118356

reference_url

https://github.com/kubernetes/kubernetes/pull/118471

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118471

reference_url

https://github.com/kubernetes/kubernetes/pull/118473

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118473

reference_url

https://github.com/kubernetes/kubernetes/pull/118474

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118474

reference_url

https://github.com/kubernetes/kubernetes/pull/118512

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118512

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-2728

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-2728

reference_url

https://security.netapp.com/advisory/ntap-20230803-0004

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230803-0004

reference_url

http://www.openwall.com/lists/oss-security/2023/07/06/3

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/

url

http://www.openwall.com/lists/oss-security/2023/07/06/3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2211348
reference_id	2211348
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2211348

reference_url

https://security.netapp.com/advisory/ntap-20230803-0004/

reference_id

ntap-20230803-0004

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:02:56Z/

url

https://security.netapp.com/advisory/ntap-20230803-0004/

reference_url	https://access.redhat.com/errata/RHSA-2023:5009
reference_id	RHSA-2023:5009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5009

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-2728, GHSA-cgcv-5272-97pr

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7359-arkb-zkg6

url VCID-7ddh-ksnz-nbhj

vulnerability_id VCID-7ddh-ksnz-nbhj

summary

Kubernetes privilege escalation vulnerability
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3955.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3955.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3955

reference_id

reference_type

scores

value	0.00762
scoring_system	epss
scoring_elements	0.73413
published_at	2026-04-21T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73419
published_at	2026-04-18T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73411
published_at	2026-04-16T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73369
published_at	2026-04-13T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73377
published_at	2026-04-12T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73397
published_at	2026-04-11T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73373
published_at	2026-04-09T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.7336
published_at	2026-04-08T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73323
published_at	2026-04-07T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73351
published_at	2026-04-04T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73327
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3955

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3955
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3955

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/38c97fa67ed35f36e730856728c9e3807f63546a

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/38c97fa67ed35f36e730856728c9e3807f63546a

reference_url

https://github.com/kubernetes/kubernetes/commit/50334505cd27cbe7cf71865388f25a00e29b2596

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/50334505cd27cbe7cf71865388f25a00e29b2596

reference_url

https://github.com/kubernetes/kubernetes/commit/7da6d72c05dffb3b87e62e2bc8c3228ea12ba1b9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7da6d72c05dffb3b87e62e2bc8c3228ea12ba1b9

reference_url

https://github.com/kubernetes/kubernetes/commit/b7547e28f898af37aa2f1107a49111f963250fe6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/b7547e28f898af37aa2f1107a49111f963250fe6

reference_url

https://github.com/kubernetes/kubernetes/commit/c4e17abb04728e3a3f9bb26e727b0f978df20ec9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/c4e17abb04728e3a3f9bb26e727b0f978df20ec9

reference_url

https://github.com/kubernetes/kubernetes/issues/119595

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/

url

https://github.com/kubernetes/kubernetes/issues/119595

reference_url

https://github.com/kubernetes/kubernetes/pull/120128

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120128

reference_url

https://github.com/kubernetes/kubernetes/pull/120134

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120134

reference_url

https://github.com/kubernetes/kubernetes/pull/120135

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120135

reference_url

https://github.com/kubernetes/kubernetes/pull/120136

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120136

reference_url

https://github.com/kubernetes/kubernetes/pull/120137

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120137

reference_url

https://github.com/kubernetes/kubernetes/pull/120138

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/120138

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-3955

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-3955

reference_url

https://security.netapp.com/advisory/ntap-20231221-0002

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231221-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2227128
reference_id	2227128
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2227128

reference_url

https://security.netapp.com/advisory/ntap-20231221-0002/

reference_id

ntap-20231221-0002

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:32Z/

url

https://security.netapp.com/advisory/ntap-20231221-0002/

reference_url	https://access.redhat.com/errata/RHSA-2023:4777
reference_id	RHSA-2023:4777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4777

reference_url	https://access.redhat.com/errata/RHSA-2023:4780
reference_id	RHSA-2023:4780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4780

reference_url	https://access.redhat.com/errata/RHSA-2023:4835
reference_id	RHSA-2023:4835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4835

reference_url	https://access.redhat.com/errata/RHSA-2023:4885
reference_id	RHSA-2023:4885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4885

reference_url	https://access.redhat.com/errata/RHSA-2023:7515
reference_id	RHSA-2023:7515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7515

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-3955, GHSA-q78c-gwqw-jcmc

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ddh-ksnz-nbhj

url VCID-7gye-25qm-n3ed

vulnerability_id VCID-7gye-25qm-n3ed

summary

Files or Directories Accessible to External Parties in kubernetes
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25741.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25741.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25741

reference_id

reference_type

scores

value	0.33042
scoring_system	epss
scoring_elements	0.96908
published_at	2026-04-21T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96905
published_at	2026-04-18T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96901
published_at	2026-04-16T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96894
published_at	2026-04-13T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96893
published_at	2026-04-12T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96891
published_at	2026-04-11T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96889
published_at	2026-04-09T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96887
published_at	2026-04-08T12:55:00Z

value	0.33042
scoring_system	epss
scoring_elements	0.96879
published_at	2026-04-07T12:55:00Z

value	0.33597
scoring_system	epss
scoring_elements	0.96911
published_at	2026-04-02T12:55:00Z

value	0.33597
scoring_system	epss
scoring_elements	0.96903
published_at	2026-04-01T12:55:00Z

value	0.33597
scoring_system	epss
scoring_elements	0.96916
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25741

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-f5f7-6478-qm6p

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-f5f7-6478-qm6p

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/104980

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/

url

https://github.com/kubernetes/kubernetes/issues/104980

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25741

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25741

reference_url

https://security.netapp.com/advisory/ntap-20211008-0006

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211008-0006

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1993749
reference_id	1993749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1993749

reference_url

https://security.archlinux.org/AVG-2393

reference_id

AVG-2393

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2393

reference_url

https://security.netapp.com/advisory/ntap-20211008-0006/

reference_id

ntap-20211008-0006

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:58Z/

url

https://security.netapp.com/advisory/ntap-20211008-0006/

reference_url	https://access.redhat.com/errata/RHSA-2021:3631
reference_id	RHSA-2021:3631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3631

reference_url	https://access.redhat.com/errata/RHSA-2021:3635
reference_id	RHSA-2021:3635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3635

reference_url	https://access.redhat.com/errata/RHSA-2021:3642
reference_id	RHSA-2021:3642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3642

reference_url	https://access.redhat.com/errata/RHSA-2021:3646
reference_id	RHSA-2021:3646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3646

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25741, GHSA-f5f7-6478-qm6p

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7gye-25qm-n3ed

url VCID-8mtx-nq5t-dqcg

vulnerability_id VCID-8mtx-nq5t-dqcg

summary

Node Denial of Service via kubelet Checkpoint API
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0426.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0426.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0426

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11729
published_at	2026-04-21T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11606
published_at	2026-04-18T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11608
published_at	2026-04-16T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11769
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11808
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11797
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11744
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11659
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11873
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11831
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0426

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-jgfp-53c3-624w

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-jgfp-53c3-624w

reference_url

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/130016

reference_url

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:29:18Z/

url

https://github.com/kubernetes/kubernetes/issues/130016

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:29:18Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-0426

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-0426

reference_url

http://www.openwall.com/lists/oss-security/2025/02/13/1

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/02/13/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2345617
reference_id	2345617
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2345617

reference_url	https://access.redhat.com/errata/RHSA-2025:1824
reference_id	RHSA-2025:1824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1824

reference_url	https://access.redhat.com/errata/RHSA-2025:2652
reference_id	RHSA-2025:2652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2652

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2025-0426, GHSA-jgfp-53c3-624w

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mtx-nq5t-dqcg

url VCID-8y33-9aqr-fubd

vulnerability_id VCID-8y33-9aqr-fubd

summary

Kubernetes vulnerable to validation bypass
Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3294.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3294.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3294

reference_id

reference_type

scores

value	0.00513
scoring_system	epss
scoring_elements	0.66519
published_at	2026-04-21T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66535
published_at	2026-04-18T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66517
published_at	2026-04-16T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66482
published_at	2026-04-13T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66513
published_at	2026-04-12T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66525
published_at	2026-04-11T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66505
published_at	2026-04-09T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66492
published_at	2026-04-08T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66443
published_at	2026-04-07T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66446
published_at	2026-04-02T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66472
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3294

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3294
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3294

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/113757

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/

url

https://github.com/kubernetes/kubernetes/issues/113757

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3294

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3294

reference_url

https://security.netapp.com/advisory/ntap-20230505-0007

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230505-0007

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2136675
reference_id	2136675
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2136675

reference_url

https://security.netapp.com/advisory/ntap-20230505-0007/

reference_id

ntap-20230505-0007

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-07T18:34:14Z/

url

https://security.netapp.com/advisory/ntap-20230505-0007/

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2022-3294, GHSA-jh36-q97c-9928

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8y33-9aqr-fubd

url VCID-92ak-64hu-dbg1

vulnerability_id VCID-92ak-64hu-dbg1

summary kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3172.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3172.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3172

reference_id

reference_type

scores

value	0.02537
scoring_system	epss
scoring_elements	0.85392
published_at	2026-04-02T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85412
published_at	2026-04-04T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85415
published_at	2026-04-07T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85436
published_at	2026-04-08T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85444
published_at	2026-04-09T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85458
published_at	2026-04-11T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85456
published_at	2026-04-12T12:55:00Z

value	0.02537
scoring_system	epss
scoring_elements	0.85453
published_at	2026-04-13T12:55:00Z

value	0.02823
scoring_system	epss
scoring_elements	0.86174
published_at	2026-04-21T12:55:00Z

value	0.02834
scoring_system	epss
scoring_elements	0.862
published_at	2026-04-16T12:55:00Z

value	0.02834
scoring_system	epss
scoring_elements	0.86205
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3172

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2127804
reference_id	2127804
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2127804

reference_url	https://access.redhat.com/errata/RHSA-2022:7398
reference_id	RHSA-2022:7398
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7398

reference_url	https://access.redhat.com/errata/RHSA-2023:1655
reference_id	RHSA-2023:1655
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1655

reference_url	https://access.redhat.com/errata/RHSA-2023:3609
reference_id	RHSA-2023:3609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3609

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2022-3172

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92ak-64hu-dbg1

url VCID-9498-37sr-xyet

vulnerability_id VCID-9498-37sr-xyet

summary kubernetes: /debug/pprof endpoint exposed on kubelet's healthz port

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11248.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11248.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11248

reference_id

reference_type

scores

value	0.91007
scoring_system	epss
scoring_elements	0.99635
published_at	2026-04-04T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99641
published_at	2026-04-21T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99636
published_at	2026-04-07T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99637
published_at	2026-04-13T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99638
published_at	2026-04-16T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99639
published_at	2026-04-18T12:55:00Z

value	0.91007
scoring_system	epss
scoring_elements	0.99634
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11248

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11248
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11248

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kubernetes/kubernetes/issues/81023
reference_id
reference_type
scores
url	https://github.com/kubernetes/kubernetes/issues/81023

reference_url	https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ
reference_id
reference_type
scores
url	https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1738368
reference_id	1738368
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1738368

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934182
reference_id	934182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934182

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.1:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.2:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.4:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.1:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.2:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11248

reference_id

CVE-2019-11248

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11248

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11248

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9498-37sr-xyet

url VCID-9s34-1nd8-f7ee

vulnerability_id VCID-9s34-1nd8-f7ee

summary

XML Entity Expansion and Improper Input Validation in Kubernetes API server
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.

### Specific Go Packages Affected
k8s.io/kubernetes/pkg/apiserver

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3811

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3811

reference_url

https://access.redhat.com/errata/RHSA-2019:3905

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3905

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11253.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11253.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11253

reference_id

reference_type

scores

value	0.83793
scoring_system	epss
scoring_elements	0.99291
published_at	2026-04-08T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99296
published_at	2026-04-18T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99295
published_at	2026-04-16T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99294
published_at	2026-04-21T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99293
published_at	2026-04-13T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99292
published_at	2026-04-09T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99285
published_at	2026-04-01T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99286
published_at	2026-04-02T12:55:00Z

value	0.83793
scoring_system	epss
scoring_elements	0.99288
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11253

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11253
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11253

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gist.github.com/bgeesaman/0e0349e94cd22c48bf14d8a9b7d6b8f2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gist.github.com/bgeesaman/0e0349e94cd22c48bf14d8a9b7d6b8f2

reference_url

https://github.com/kubernetes/kubernetes/issues/83253

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/83253

reference_url

https://github.com/kubernetes/kubernetes/pull/83261

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/83261

reference_url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/jk8polzSUxs
reference_id
reference_type
scores
url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/jk8polzSUxs

reference_url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/jk8polzSUxs

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/jk8polzSUxs

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11253

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11253

reference_url

https://pkg.go.dev/vuln/GO-2022-0703

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2022-0703

reference_url

https://security.netapp.com/advisory/ntap-20191031-0006

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191031-0006

reference_url	https://security.netapp.com/advisory/ntap-20191031-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191031-0006/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1757701
reference_id	1757701
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1757701

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*

reference_url	https://access.redhat.com/errata/RHSA-2019:3132
reference_id	RHSA-2019:3132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3132

reference_url	https://access.redhat.com/errata/RHSA-2020:2795
reference_id	RHSA-2020:2795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2795

reference_url	https://access.redhat.com/errata/RHSA-2020:2796
reference_id	RHSA-2020:2796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2796

reference_url	https://access.redhat.com/errata/RHSA-2020:2799
reference_id	RHSA-2020:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2799

reference_url	https://access.redhat.com/errata/RHSA-2020:2861
reference_id	RHSA-2020:2861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2861

reference_url	https://access.redhat.com/errata/RHSA-2020:2863
reference_id	RHSA-2020:2863
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2863

reference_url	https://access.redhat.com/errata/RHSA-2020:2870
reference_id	RHSA-2020:2870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2870

reference_url	https://access.redhat.com/errata/RHSA-2022:2183
reference_id	RHSA-2022:2183
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2183

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11253, GHSA-pmqp-h87c-mr78

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9s34-1nd8-f7ee

url VCID-cjth-qqvy-hqhk

vulnerability_id VCID-cjth-qqvy-hqhk

summary

Kubelet Incorrect Privilege Assignment
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit `runAsUser` attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified `mustRunAsNonRoot: true`, the kubelet will refuse to start the container as root. If the pod did not specify `mustRunAsNonRoot: true`, the kubelet will run the container as uid 0.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11245.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11245.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11245

reference_id

reference_type

scores

value	0.00154
scoring_system	epss
scoring_elements	0.36146
published_at	2026-04-21T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36197
published_at	2026-04-18T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36213
published_at	2026-04-16T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36171
published_at	2026-04-13T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36196
published_at	2026-04-12T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36233
published_at	2026-04-11T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36228
published_at	2026-04-09T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.3621
published_at	2026-04-08T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36098
published_at	2026-04-01T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.3616
published_at	2026-04-07T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36326
published_at	2026-04-04T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36293
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11245

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1715726

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1715726

reference_url

https://github.com/advisories/GHSA-r76g-g87f-vw8f

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-r76g-g87f-vw8f

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/78308

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/78308

reference_url

https://github.com/kubernetes/kubernetes/pull/76665

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/76665

reference_url

https://github.com/kubernetes/kubernetes/pull/76665/commits/26e3c8674e66f0d10170d34f5445f0aed207387f

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/76665/commits/26e3c8674e66f0d10170d34f5445f0aed207387f

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11245

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11245

reference_url

https://pkg.go.dev/vuln/GO-2024-2780

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2024-2780

reference_url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.13.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.13.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.2:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11245, GHSA-r76g-g87f-vw8f

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjth-qqvy-hqhk

url VCID-csq4-589g-qfa4

vulnerability_id VCID-csq4-589g-qfa4

summary

Kubernetes client-go vulnerable to Sensitive Information Leak via Log File
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.5, <= v1.18.13, <= v1.17.15, < v1.20.0-alpha2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8565.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8565

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.18283
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18257
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18244
published_at	2026-04-16T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.183
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18399
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.184
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18348
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18265
published_at	2026-04-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18557
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18503
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18351
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/client-go

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go

reference_url

https://github.com/kubernetes/client-go/commit/19875a3d5a2e0d4f51c976a9e0662de3c2c011e3

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go/commit/19875a3d5a2e0d4f51c976a9e0662de3c2c011e3

reference_url

https://github.com/kubernetes/client-go/commit/1b8383fc150c9b816b0072032cca75754c2734d0

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go/commit/1b8383fc150c9b816b0072032cca75754c2734d0

reference_url

https://github.com/kubernetes/client-go/commit/44e1a07f2d513e375c4b6ee6e890040b47befe86

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go/commit/44e1a07f2d513e375c4b6ee6e890040b47befe86

reference_url

https://github.com/kubernetes/client-go/commit/e8f871a2e5fadf90fc114565abc0963967f1a373

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/client-go/commit/e8f871a2e5fadf90fc114565abc0963967f1a373

reference_url

https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419

reference_url

https://github.com/kubernetes/kubernetes/issues/95623

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95623

reference_url

https://github.com/kubernetes/kubernetes/pull/95316

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/95316

reference_url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8565

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8565

reference_url

https://pkg.go.dev/vuln/GO-2021-0064

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2021-0064

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1886638
reference_id	1886638
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1886638

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972649
reference_id	972649
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972649

reference_url	https://access.redhat.com/errata/RHSA-2021:2041
reference_id	RHSA-2021:2041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2041

reference_url	https://access.redhat.com/errata/RHSA-2021:5085
reference_id	RHSA-2021:5085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5085

reference_url	https://access.redhat.com/errata/RHSA-2021:5086
reference_id	RHSA-2021:5086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5086

fixed_packages

url	pkg:deb/debian/kubernetes@1.20.0-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.0-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8565, GHSA-8cfg-vx93-jvxw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-csq4-589g-qfa4

url VCID-dpht-br2m-zqfs

vulnerability_id VCID-dpht-br2m-zqfs

summary

Kubernetes arbitrary file overwrite
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002100.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002100.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002100

reference_id

reference_type

scores

value	0.0051
scoring_system	epss
scoring_elements	0.66439
published_at	2026-04-21T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66454
published_at	2026-04-18T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66438
published_at	2026-04-16T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66402
published_at	2026-04-13T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66432
published_at	2026-04-12T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66383
published_at	2026-04-04T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66414
published_at	2026-04-09T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.664
published_at	2026-04-08T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66352
published_at	2026-04-07T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66356
published_at	2026-04-02T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66445
published_at	2026-04-11T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66317
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002100

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1564305

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1564305

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002100
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002100

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/61297

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/61297

reference_url

https://hansmi.ch/articles/2018-04-openshift-s2i-security

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://hansmi.ch/articles/2018-04-openshift-s2i-security

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002100

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:P/A:P

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002100

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929225
reference_id	929225
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929225

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2018-1002100, GHSA-2jq6-ffph-p4h8

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpht-br2m-zqfs

url VCID-dxej-zg13-63ff

vulnerability_id VCID-dxej-zg13-63ff

summary

Kubernetes did not effectively clear service account credentials
In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not effectively clear service account credentials loaded using rest.InClusterConfig()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11243.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11243.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11243

reference_id

reference_type

scores

value	0.00238
scoring_system	epss
scoring_elements	0.4699
published_at	2026-04-18T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46918
published_at	2026-04-02T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46935
published_at	2026-04-09T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46882
published_at	2026-04-07T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46936
published_at	2026-04-08T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46959
published_at	2026-04-11T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46932
published_at	2026-04-12T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46939
published_at	2026-04-21T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46995
published_at	2026-04-16T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46881
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11243

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/76797

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/76797

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11243

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11243

reference_url

https://security.netapp.com/advisory/ntap-20190509-0002

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190509-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1703218
reference_id	1703218
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1703218

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11243, GHSA-gc2p-g4fg-29vh

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxej-zg13-63ff

url VCID-dxhw-y156-2kfz

vulnerability_id VCID-dxhw-y156-2kfz

summary

Kubernetes API Server DoS Via API Requests
The Kubernetes API server component in Kubernetes versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8552.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8552

reference_id

reference_type

scores

value	0.00074
scoring_system	epss
scoring_elements	0.22426
published_at	2026-04-21T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.2241
published_at	2026-04-01T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22577
published_at	2026-04-02T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.2262
published_at	2026-04-04T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22407
published_at	2026-04-07T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22488
published_at	2026-04-08T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22543
published_at	2026-04-09T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22561
published_at	2026-04-11T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.2252
published_at	2026-04-12T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22465
published_at	2026-04-13T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22481
published_at	2026-04-16T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22477
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8552

reference_url

https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/5978856c4c7f10737a11c9540fe60b8475beecbb

reference_url

https://github.com/kubernetes/kubernetes/issues/89378

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/89378

reference_url

https://github.com/kubernetes/kubernetes/pull/87669

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/87669

reference_url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
reference_id
reference_type
scores
url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s

reference_url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8552

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8552

reference_url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_url	https://security.netapp.com/advisory/ntap-20200413-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1797909
reference_id	1797909
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1797909

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*

reference_url	https://access.redhat.com/errata/RHSA-2020:0933
reference_id	RHSA-2020:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0933

reference_url	https://access.redhat.com/errata/RHSA-2020:1526
reference_id	RHSA-2020:1526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1526

reference_url	https://access.redhat.com/errata/RHSA-2020:1527
reference_id	RHSA-2020:1527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1527

reference_url	https://access.redhat.com/errata/RHSA-2020:2306
reference_id	RHSA-2020:2306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2306

reference_url	https://access.redhat.com/errata/RHSA-2020:2992
reference_id	RHSA-2020:2992
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2992

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8552, GHSA-82hx-w2r5-c2wq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxhw-y156-2kfz

url VCID-ea5d-jxkg-mbhn

vulnerability_id VCID-ea5d-jxkg-mbhn

summary

Kubernetes vulnerable to path traversal
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3162.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3162.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3162

reference_id

reference_type

scores

value	0.01025
scoring_system	epss
scoring_elements	0.77308
published_at	2026-04-21T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77317
published_at	2026-04-18T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77277
published_at	2026-04-13T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.7728
published_at	2026-04-12T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77301
published_at	2026-04-11T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77273
published_at	2026-04-09T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77264
published_at	2026-04-08T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77233
published_at	2026-04-07T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.7725
published_at	2026-04-04T12:55:00Z

value	0.01148
scoring_system	epss
scoring_elements	0.78426
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3162

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/113756

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/

url

https://github.com/kubernetes/kubernetes/issues/113756

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3162

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3162

reference_url

https://security.netapp.com/advisory/ntap-20230511-0004

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230511-0004

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2136673
reference_id	2136673
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2136673

reference_url

https://security.netapp.com/advisory/ntap-20230511-0004/

reference_id

ntap-20230511-0004

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T18:34:51Z/

url

https://security.netapp.com/advisory/ntap-20230511-0004/

reference_url	https://access.redhat.com/errata/RHSA-2022:7398
reference_id	RHSA-2022:7398
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7398

reference_url	https://access.redhat.com/errata/RHSA-2023:0772
reference_id	RHSA-2023:0772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0772

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2022-3162, GHSA-2394-5535-8j88

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5d-jxkg-mbhn

url VCID-eztq-5cu5-7yfd

vulnerability_id VCID-eztq-5cu5-7yfd

summary

Kubernetes Arbitrary Command Injection
In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.

### Specific Go Packages Affected
k8s.io/kubernetes/pkg/util/mount

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002101.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002101.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002101

reference_id

reference_type

scores

value	0.0085
scoring_system	epss
scoring_elements	0.74903
published_at	2026-04-21T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74825
published_at	2026-04-01T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74827
published_at	2026-04-02T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74855
published_at	2026-04-04T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74829
published_at	2026-04-07T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74861
published_at	2026-04-08T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74875
published_at	2026-04-09T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74899
published_at	2026-04-11T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74878
published_at	2026-04-12T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74868
published_at	2026-04-13T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74905
published_at	2026-04-16T12:55:00Z

value	0.0085
scoring_system	epss
scoring_elements	0.74912
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002101

reference_url

https://github.com/kubernetes/kubernetes/commit/d65039c56ce4de5f2efdc38aa1284eeb95f89169

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/d65039c56ce4de5f2efdc38aa1284eeb95f89169

reference_url

https://github.com/kubernetes/kubernetes/issues/65750

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/65750

reference_url

https://github.com/kubernetes/kubernetes/pull/65751

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/65751

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002101

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1002101

reference_url

https://security.netapp.com/advisory/ntap-20190416-0008

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190416-0008

reference_url

http://www.securityfocus.com/bid/106238

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106238

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1659877
reference_id	1659877
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1659877

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2018-1002101, GHSA-wqwf-x5cj-rg56

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eztq-5cu5-7yfd

url VCID-fbzn-vujj-pud5

vulnerability_id VCID-fbzn-vujj-pud5

summary

Excessive Platform Resource Consumption within a Loop in Kubernetes
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11254

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.31175
published_at	2026-04-21T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31276
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31203
published_at	2026-04-18T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31222
published_at	2026-04-16T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31189
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31232
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.312
published_at	2026-04-01T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31327
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31368
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31188
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31241
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31272
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11254

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48

reference_url

https://github.com/go-yaml/yaml/pull/555

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/go-yaml/yaml/pull/555

reference_url

https://github.com/kubernetes/kubernetes/issues/89535

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/89535

reference_url

https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/87467/commits/b86df2bec4f377afc0ca03482ffad2f0a49a83b8

reference_url

https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11254

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11254

reference_url

https://pkg.go.dev/vuln/GO-2020-0036

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2020-0036

reference_url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_url	https://security.netapp.com/advisory/ntap-20200413-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1819486
reference_id	1819486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1819486

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://access.redhat.com/errata/RHSA-2020:0933
reference_id	RHSA-2020:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0933

reference_url	https://access.redhat.com/errata/RHSA-2020:2412
reference_id	RHSA-2020:2412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2412

reference_url	https://access.redhat.com/errata/RHSA-2020:2413
reference_id	RHSA-2020:2413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2413

reference_url	https://access.redhat.com/errata/RHSA-2020:2479
reference_id	RHSA-2020:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2479

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11254, GHSA-wxc4-f4m6-wwqv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbzn-vujj-pud5

url VCID-fmcb-kpgu-5fcg

vulnerability_id VCID-fmcb-kpgu-5fcg

summary

Authorization bypass in Openshift
Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2016-1906

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2016-1906

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1906

reference_id

reference_type

scores

value	0.02541
scoring_system	epss
scoring_elements	0.85461
published_at	2026-04-13T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85486
published_at	2026-04-21T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.8549
published_at	2026-04-18T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85485
published_at	2026-04-16T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85388
published_at	2026-04-01T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.854
published_at	2026-04-02T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.8542
published_at	2026-04-04T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85423
published_at	2026-04-07T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85444
published_at	2026-04-08T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85452
published_at	2026-04-09T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85467
published_at	2026-04-11T12:55:00Z

value	0.02541
scoring_system	epss
scoring_elements	0.85465
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1906

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1297916

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1297916

reference_url

https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406

reference_url

https://github.com/openshift/origin/issues/6556

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/openshift/origin/issues/6556

reference_url

https://github.com/openshift/origin/pull/6576

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/openshift/origin/pull/6576

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1906

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1906

reference_url

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2016-1906, GHSA-m3fm-h5jp-q79p

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmcb-kpgu-5fcg

url VCID-fpvm-f4py-mfbb

vulnerability_id VCID-fpvm-f4py-mfbb

summary kubernetes: Volume security can be sidestepped with innocent emptyDir and subpath

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002101.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002101.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002101

reference_id

reference_type

scores

value	0.33507
scoring_system	epss
scoring_elements	0.96899
published_at	2026-04-01T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96906
published_at	2026-04-02T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96911
published_at	2026-04-04T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96916
published_at	2026-04-07T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96924
published_at	2026-04-08T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96926
published_at	2026-04-09T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96929
published_at	2026-04-11T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.9693
published_at	2026-04-12T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96931
published_at	2026-04-13T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96938
published_at	2026-04-16T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96942
published_at	2026-04-18T12:55:00Z

value	0.33507
scoring_system	epss
scoring_elements	0.96945
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002101

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002101
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002101

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1525130
reference_id	1525130
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1525130

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892801
reference_id	892801
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892801

fixed_packages

url	pkg:deb/debian/kubernetes@1.7.16%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.7.16%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.7.16%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2017-1002101

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fpvm-f4py-mfbb

url VCID-ftrr-y54a-s7a1

vulnerability_id VCID-ftrr-y54a-s7a1

summary

Kubernetes kubelet arbitrary command execution
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10220.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-10220

reference_id

reference_type

scores

value	0.33227
scoring_system	epss
scoring_elements	0.96892
published_at	2026-04-07T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96906
published_at	2026-04-12T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96905
published_at	2026-04-11T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96902
published_at	2026-04-09T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96901
published_at	2026-04-08T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96884
published_at	2026-04-02T12:55:00Z

value	0.33227
scoring_system	epss
scoring_elements	0.96888
published_at	2026-04-04T12:55:00Z

value	0.39569
scoring_system	epss
scoring_elements	0.97317
published_at	2026-04-21T12:55:00Z

value	0.39569
scoring_system	epss
scoring_elements	0.97316
published_at	2026-04-18T12:55:00Z

value	0.39569
scoring_system	epss
scoring_elements	0.97313
published_at	2026-04-16T12:55:00Z

value	0.39569
scoring_system	epss
scoring_elements	0.97306
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-10220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/1ab06efe92d8e898ca1931471c9533ce94aba29b

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/1ab06efe92d8e898ca1931471c9533ce94aba29b

reference_url

https://github.com/kubernetes/kubernetes/issues/128885

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:21:04Z/

url

https://github.com/kubernetes/kubernetes/issues/128885

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:21:04Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-10220

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-10220

reference_url

https://pkg.go.dev/vuln/GO-2024-3286

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2024-3286

reference_url

http://www.openwall.com/lists/oss-security/2024/11/20/1

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/11/20/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2323060
reference_id	2323060
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2323060

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2024-10220, GHSA-27wf-5967-98gx

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftrr-y54a-s7a1

url VCID-humx-y4h8-pbeb

vulnerability_id VCID-humx-y4h8-pbeb

summary kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp`

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11246.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11246.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11246

reference_id

reference_type

scores

value	0.01482
scoring_system	epss
scoring_elements	0.80938
published_at	2026-04-01T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81035
published_at	2026-04-21T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81006
published_at	2026-04-12T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.80998
published_at	2026-04-13T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81036
published_at	2026-04-16T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81037
published_at	2026-04-18T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.80947
published_at	2026-04-02T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.8097
published_at	2026-04-04T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.80968
published_at	2026-04-07T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.80996
published_at	2026-04-08T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81003
published_at	2026-04-09T12:55:00Z

value	0.01482
scoring_system	epss
scoring_elements	0.81019
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11246

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kubernetes/kubernetes/pull/76788
reference_id
reference_type
scores
url	https://github.com/kubernetes/kubernetes/pull/76788

reference_url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/NLs2TGbfPdo
reference_id
reference_type
scores
url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/NLs2TGbfPdo

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1721704
reference_id	1721704
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1721704

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11246

reference_id

CVE-2019-11246

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11246

reference_url	https://access.redhat.com/errata/RHSA-2019:1632
reference_id	RHSA-2019:1632
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1632

reference_url	https://access.redhat.com/errata/RHSA-2019:1633
reference_id	RHSA-2019:1633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1633

reference_url	https://access.redhat.com/errata/RHSA-2019:1852
reference_id	RHSA-2019:1852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1852

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11246

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-humx-y4h8-pbeb

url VCID-jgn7-651b-p3cm

vulnerability_id VCID-jgn7-651b-p3cm

summary

Access Restriction Bypass in kube-apiserver
A vulnerability in Kubernetes `kube-apiserver` could allow node updates to bypass a _Validating Admission Webhook_ and allow unauthorized node updates. The information that is provided to the admission controller could contain old configurations that overwrite values used for validation. Since the overwriting takes place before the validation, this could lead the admission controller to accept requests that should be blocked. The vulnerability can be exploited when an update action on node resources is performed and an admission controller is in place and configured to validate the action.

Users are only affected by this vulnerability if they are running a _Validating Admission Webhook_ for Nodes that denies admission based partially on the old state of the Node object. It only impacts validating admission plugins that rely on old values in certain fields and does not impact calls from kubelets that go through the built-in NodeRestriction admission plugin.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25735.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25735.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25735

reference_id

reference_type

scores

value	0.14393
scoring_system	epss
scoring_elements	0.94446
published_at	2026-04-21T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94443
published_at	2026-04-18T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94437
published_at	2026-04-16T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94422
published_at	2026-04-13T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.9442
published_at	2026-04-11T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94418
published_at	2026-04-09T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94414
published_at	2026-04-08T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94405
published_at	2026-04-07T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94384
published_at	2026-04-01T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94403
published_at	2026-04-04T12:55:00Z

value	0.14393
scoring_system	epss
scoring_elements	0.94391
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25735

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1937562

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1937562

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25735

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90

reference_url

https://github.com/kubernetes/kubernetes/issues/100096

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/100096

reference_url

https://github.com/kubernetes/kubernetes/pull/99946

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/99946

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25735

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25735

reference_url

https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver

reference_url

https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793
reference_id	990793
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793

reference_url

https://security.archlinux.org/AVG-1825

reference_id

AVG-1825

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1825

reference_url	https://access.redhat.com/errata/RHSA-2021:2437
reference_id	RHSA-2021:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2437

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25735, GHSA-g42g-737j-qx6j

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jgn7-651b-p3cm

url VCID-jjnq-w1uh-dudy

vulnerability_id VCID-jjnq-w1uh-dudy

summary

Incomplete List of Disallowed Inputs in Kubernetes
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25737.json

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25737

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59426
published_at	2026-04-21T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59444
published_at	2026-04-18T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59438
published_at	2026-04-16T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59406
published_at	2026-04-13T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59424
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59441
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59422
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59408
published_at	2026-04-08T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59367
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59357
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59391
published_at	2026-04-04T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59293
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25737

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/102106

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/102106

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25737

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25737

reference_url

https://security.netapp.com/advisory/ntap-20211004-0004

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211004-0004

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1954917
reference_id	1954917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1954917

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793
reference_id	990793
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793

reference_url	https://security.archlinux.org/ASA-202106-29
reference_id	ASA-202106-29
reference_type
scores
url	https://security.archlinux.org/ASA-202106-29

reference_url

https://security.archlinux.org/AVG-1970

reference_id

AVG-1970

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1970

reference_url	https://access.redhat.com/errata/RHSA-2021:2437
reference_id	RHSA-2021:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2437

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25737, GHSA-mfv7-gq43-w965

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjnq-w1uh-dudy

url VCID-jm3q-n1be-3uc8

vulnerability_id VCID-jm3q-n1be-3uc8

summary

Kubelet vulnerable to bypass of seccomp profile enforcement
A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2431.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2431.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-2431

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01201
published_at	2026-04-21T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01132
published_at	2026-04-18T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.00993
published_at	2026-04-11T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.0113
published_at	2026-04-13T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01127
published_at	2026-04-12T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01008
published_at	2026-04-09T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.0101
published_at	2026-04-08T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01006
published_at	2026-04-07T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.00998
published_at	2026-04-04T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.00997
published_at	2026-04-02T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01119
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-2431

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2431
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2431

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/118690

reference_url

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/

url

https://github.com/kubernetes/kubernetes/issues/118690

reference_url

https://github.com/kubernetes/kubernetes/pull/117020

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/117020

reference_url

https://github.com/kubernetes/kubernetes/pull/117116

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/117116

reference_url

https://github.com/kubernetes/kubernetes/pull/117117

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/117117

reference_url

https://github.com/kubernetes/kubernetes/pull/117118

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/117118

reference_url

https://github.com/kubernetes/kubernetes/pull/117147

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/117147

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/QHmx0HOQa10

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/QHmx0HOQa10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-2431

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-2431

reference_url

https://pkg.go.dev/vuln/GO-2023-1864

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2023-1864

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2215555
reference_id	2215555
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2215555

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ/

reference_id

43HDSKBKPSW53OW647B5ETHRWFFNHSRQ

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43HDSKBKPSW53OW647B5ETHRWFFNHSRQ/

reference_url	https://access.redhat.com/errata/RHSA-2023:6156
reference_id	RHSA-2023:6156
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6156

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G/

reference_id

XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:55:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBX4RL4UOC7JHWWYB2AJCKSUM7EG5Y5G/

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-2431, GHSA-xc8m-28vv-4pjc

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jm3q-n1be-3uc8

url VCID-jwt2-1eqe-qyfq

vulnerability_id VCID-jwt2-1eqe-qyfq

summary kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11252.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11252.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11252

reference_id

reference_type

scores

value	0.00355
scoring_system	epss
scoring_elements	0.57729
published_at	2026-04-01T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57813
published_at	2026-04-02T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57833
published_at	2026-04-04T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57808
published_at	2026-04-07T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57863
published_at	2026-04-08T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57864
published_at	2026-04-09T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57881
published_at	2026-04-11T12:55:00Z

value	0.00608
scoring_system	epss
scoring_elements	0.6974
published_at	2026-04-21T12:55:00Z

value	0.00608
scoring_system	epss
scoring_elements	0.69723
published_at	2026-04-12T12:55:00Z

value	0.00608
scoring_system	epss
scoring_elements	0.6971
published_at	2026-04-13T12:55:00Z

value	0.00608
scoring_system	epss
scoring_elements	0.6975
published_at	2026-04-16T12:55:00Z

value	0.00608
scoring_system	epss
scoring_elements	0.69759
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11252

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860158
reference_id	1860158
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860158

reference_url	https://access.redhat.com/errata/RHSA-2020:2412
reference_id	RHSA-2020:2412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2412

reference_url	https://access.redhat.com/errata/RHSA-2020:2413
reference_id	RHSA-2020:2413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2413

fixed_packages

url	pkg:deb/debian/kubernetes@1.18.0-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.18.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.0-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11252

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwt2-1eqe-qyfq

url VCID-k31a-cbd1-wkh5

vulnerability_id VCID-k31a-cbd1-wkh5

summary

Access Restriction Bypass in kubernetes
The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.

### Specific Go Packages Affected
github.com/kubernetes/kubernetes/pkg/apiserver

references

reference_url

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2016-1905

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json

reference_url

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2016-1905

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1905

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4651
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46538
published_at	2026-04-21T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46591
published_at	2026-04-18T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46594
published_at	2026-04-16T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46537
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46528
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.4653
published_at	2026-04-04T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46556
published_at	2026-04-11T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46472
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46533
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46478
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1905

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1297910

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1297910

reference_url

https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22

reference_url

https://github.com/kubernetes/kubernetes/issues/19479

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/19479

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1905

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:P/A:N

value	7.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1905

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:-:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2016-1905, GHSA-xx8c-m748-xr4j

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k31a-cbd1-wkh5

url VCID-kgvu-q3dc-8khe

vulnerability_id VCID-kgvu-q3dc-8khe

summary

Confused Deputy in Kubernetes
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8561.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8561.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8561

reference_id

reference_type

scores

value	0.00183
scoring_system	epss
scoring_elements	0.40046
published_at	2026-04-18T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40075
published_at	2026-04-16T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40025
published_at	2026-04-13T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40055
published_at	2026-04-02T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40002
published_at	2026-04-07T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40081
published_at	2026-04-04T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40044
published_at	2026-04-12T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.4008
published_at	2026-04-11T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.4007
published_at	2026-04-09T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40056
published_at	2026-04-08T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.39908
published_at	2026-04-01T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40577
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8561

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8561
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8561

reference_url

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/104720

reference_url

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/104720

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsY

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsY

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8561

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8561

reference_url

https://security.netapp.com/advisory/ntap-20211014-0002

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211014-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2000366
reference_id	2000366
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2000366

reference_url

https://security.archlinux.org/AVG-2394

reference_id

AVG-2394

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2394

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8561, GHSA-74j8-88mm-7496

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgvu-q3dc-8khe

url VCID-m3n6-yj6t-y7eq

vulnerability_id VCID-m3n6-yj6t-y7eq

summary kubernetes: Incorrect default access permissions for Persistent Volumes

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002100.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002100.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002100

reference_id

reference_type

scores

value	0.00267
scoring_system	epss
scoring_elements	0.5013
published_at	2026-04-01T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50211
published_at	2026-04-21T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50235
published_at	2026-04-16T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50237
published_at	2026-04-18T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50175
published_at	2026-04-02T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50203
published_at	2026-04-04T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50153
published_at	2026-04-07T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50207
published_at	2026-04-08T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50201
published_at	2026-04-09T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50229
published_at	2026-04-11T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50202
published_at	2026-04-12T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50191
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002100

reference_url	https://github.com/kubernetes/kubernetes/issues/47611
reference_id
reference_type
scores
url	https://github.com/kubernetes/kubernetes/issues/47611

reference_url	https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ
reference_id
reference_type
scores
url	https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1492101
reference_id	1492101
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1492101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha.3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta.4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc.1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta.1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta.1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta.0::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1002100

reference_id

CVE-2017-1002100

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1002100

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2017-1002100

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3n6-yj6t-y7eq

url VCID-nush-2wsq-b3f5

vulnerability_id VCID-nush-2wsq-b3f5

summary

Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation
Kubernetes is vulnerable to privilege escalation when a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3893.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3893.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3893

reference_id

reference_type

scores

value	0.03694
scoring_system	epss
scoring_elements	0.87958
published_at	2026-04-21T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87944
published_at	2026-04-12T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87957
published_at	2026-04-18T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87943
published_at	2026-04-13T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87897
published_at	2026-04-02T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.8791
published_at	2026-04-04T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87913
published_at	2026-04-07T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87934
published_at	2026-04-08T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.8794
published_at	2026-04-09T12:55:00Z

value	0.03694
scoring_system	epss
scoring_elements	0.87951
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3893

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes-csi/csi-proxy

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes-csi/csi-proxy

reference_url

https://github.com/kubernetes-csi/csi-proxy/commit/0e83a68159111e4ee510f5aa56d47ba97bda60c7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes-csi/csi-proxy/commit/0e83a68159111e4ee510f5aa56d47ba97bda60c7

reference_url

https://github.com/kubernetes-csi/csi-proxy/commit/2523e6674dedf3de27f84235efec28555da24664

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes-csi/csi-proxy/commit/2523e6674dedf3de27f84235efec28555da24664

reference_url

https://github.com/kubernetes/kubernetes/issues/119594

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/119594

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-3893

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-3893

reference_url

https://security.netapp.com/advisory/ntap-20231221-0004

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231221-0004

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2227129
reference_id	2227129
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2227129

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-3893, GHSA-r6cc-7wj7-gfx2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nush-2wsq-b3f5

url VCID-ny1b-eq77-fuhw

vulnerability_id VCID-ny1b-eq77-fuhw

summary

Server Side Request Forgery (SSRF) in Kubernetes
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8555

reference_id

reference_type

scores

value	0.0861
scoring_system	epss
scoring_elements	0.92443
published_at	2026-04-21T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.9244
published_at	2026-04-18T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92396
published_at	2026-04-02T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92432
published_at	2026-04-12T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92429
published_at	2026-04-13T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92423
published_at	2026-04-09T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-08T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92407
published_at	2026-04-07T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92403
published_at	2026-04-04T12:55:00Z

value	0.0861
scoring_system	epss
scoring_elements	0.92389
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8555

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8555

reference_url

https://github.com/kubernetes/kubernetes/issues/91542

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/91542

reference_url

https://github.com/kubernetes/kubernetes/pull/89794

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/89794

reference_url

https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8555

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8555

reference_url

https://security.netapp.com/advisory/ntap-20200724-0005

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200724-0005

reference_url

http://www.openwall.com/lists/oss-security/2020/06/01/4

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/06/01/4

reference_url

http://www.openwall.com/lists/oss-security/2021/05/04/8

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/05/04/8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1821583
reference_id	1821583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1821583

reference_url	https://access.redhat.com/errata/RHSA-2020:2440
reference_id	RHSA-2020:2440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2440

reference_url	https://access.redhat.com/errata/RHSA-2020:2441
reference_id	RHSA-2020:2441
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2441

reference_url	https://access.redhat.com/errata/RHSA-2020:2448
reference_id	RHSA-2020:2448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2448

reference_url	https://access.redhat.com/errata/RHSA-2020:2449
reference_id	RHSA-2020:2449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2449

reference_url	https://access.redhat.com/errata/RHSA-2020:2479
reference_id	RHSA-2020:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2479

reference_url	https://access.redhat.com/errata/RHSA-2020:2594
reference_id	RHSA-2020:2594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2594

fixed_packages

url	pkg:deb/debian/kubernetes@1.18.2-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.18.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.2-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8555, GHSA-x6mj-w4jf-jmgw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ny1b-eq77-fuhw

url VCID-pjvk-1xxm-87d8

vulnerability_id VCID-pjvk-1xxm-87d8

summary

Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3177

reference_id

reference_type

scores

value	0.06395
scoring_system	epss
scoring_elements	0.91053
published_at	2026-04-21T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.90991
published_at	2026-04-04T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.9105
published_at	2026-04-18T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.91052
published_at	2026-04-16T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.91027
published_at	2026-04-13T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.91019
published_at	2026-04-09T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.91013
published_at	2026-04-08T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.91001
published_at	2026-04-07T12:55:00Z

value	0.06395
scoring_system	epss
scoring_elements	0.90981
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-pxhw-596r-rwq5

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-pxhw-596r-rwq5

reference_url

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a

reference_url

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7c861b1ecad97e1ab9332c970c9294a72065111a

reference_url

https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/a619ca3fd3ee3c222d9df784622020de398076d2

reference_url

https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/f9fb6cf52a769a599a45e700375115c2ecc86e9b

reference_url

https://github.com/kubernetes/kubernetes/issues/124336

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/

url

https://github.com/kubernetes/kubernetes/issues/124336

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:12:31Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-3177

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-3177

reference_url

https://pkg.go.dev/vuln/GO-2024-2746

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2024-2746

reference_url

http://www.openwall.com/lists/oss-security/2024/04/16/4

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/04/16/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2274118
reference_id	2274118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2274118

reference_url	https://access.redhat.com/errata/RHSA-2024:0043
reference_id	RHSA-2024:0043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0043

reference_url	https://access.redhat.com/errata/RHSA-2024:2054
reference_id	RHSA-2024:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2054

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2024-3177, GHSA-pxhw-596r-rwq5

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjvk-1xxm-87d8

url VCID-ppcs-yxcf-57at

vulnerability_id VCID-ppcs-yxcf-57at

summary

Kubernetes kube-apiserver Vulnerable to Race Condition
A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7598.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7598.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7598

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04921
published_at	2026-04-21T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04776
published_at	2026-04-18T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04767
published_at	2026-04-16T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.0482
published_at	2026-04-13T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.0484
published_at	2026-04-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04861
published_at	2026-04-11T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04884
published_at	2026-04-09T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04867
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04789
published_at	2026-04-02T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04829
published_at	2026-04-07T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04812
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7598

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/126587

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T18:40:30Z/

url

https://github.com/kubernetes/kubernetes/issues/126587

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T18:40:30Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-7598

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-7598

reference_url

http://www.openwall.com/lists/oss-security/2025/03/20/2

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/20/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2353913
reference_id	2353913
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2353913

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2024-7598, GHSA-r56h-j38w-hrqq

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcs-yxcf-57at

url VCID-pqb1-j3ad-efam

vulnerability_id VCID-pqb1-j3ad-efam

summary

kube-apiserver vulnerable to policy bypass
Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2727.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2727.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-2727

reference_id

reference_type

scores

value	0.00191
scoring_system	epss
scoring_elements	0.40892
published_at	2026-04-21T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.4097
published_at	2026-04-18T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.41
published_at	2026-04-16T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40958
published_at	2026-04-13T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40975
published_at	2026-04-12T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.4101
published_at	2026-04-11T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.41009
published_at	2026-04-04T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40976
published_at	2026-04-02T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40991
published_at	2026-04-09T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40984
published_at	2026-04-08T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40935
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-2727

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2727
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2727

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/118640

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/

url

https://github.com/kubernetes/kubernetes/issues/118640

reference_url

https://github.com/kubernetes/kubernetes/pull/118356

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118356

reference_url

https://github.com/kubernetes/kubernetes/pull/118471

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118471

reference_url

https://github.com/kubernetes/kubernetes/pull/118473

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118473

reference_url

https://github.com/kubernetes/kubernetes/pull/118474

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118474

reference_url

https://github.com/kubernetes/kubernetes/pull/118512

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/118512

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-2727

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-2727

reference_url

https://security.netapp.com/advisory/ntap-20230803-0004

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230803-0004

reference_url

http://www.openwall.com/lists/oss-security/2023/07/06/2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/

url

http://www.openwall.com/lists/oss-security/2023/07/06/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2211322
reference_id	2211322
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2211322

reference_url

https://security.netapp.com/advisory/ntap-20230803-0004/

reference_id

ntap-20230803-0004

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T17:43:56Z/

url

https://security.netapp.com/advisory/ntap-20230803-0004/

reference_url	https://access.redhat.com/errata/RHSA-2023:5009
reference_id	RHSA-2023:5009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5009

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-2727, GHSA-qc2g-gmh6-95p4

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqb1-j3ad-efam

url VCID-ptve-3k7k-cqcm

vulnerability_id VCID-ptve-3k7k-cqcm

summary

Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8551.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8551.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8551

reference_id

reference_type

scores

value	0.00615
scoring_system	epss
scoring_elements	0.69918
published_at	2026-04-21T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69824
published_at	2026-04-01T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69836
published_at	2026-04-02T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69851
published_at	2026-04-04T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69829
published_at	2026-04-07T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69877
published_at	2026-04-08T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69893
published_at	2026-04-09T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69915
published_at	2026-04-11T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.699
published_at	2026-04-12T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69885
published_at	2026-04-13T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69927
published_at	2026-04-16T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69936
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8551

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/kubernetes/commit/9802bfcec0580169cffce2a3d468689a407fa7dc

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/9802bfcec0580169cffce2a3d468689a407fa7dc

reference_url

https://github.com/kubernetes/kubernetes/issues/89377

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/89377

reference_url

https://github.com/kubernetes/kubernetes/pull/87913

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/87913

reference_url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
reference_id
reference_type
scores
url	https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s

reference_url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8551

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8551

reference_url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200413-0003

reference_url	https://security.netapp.com/advisory/ntap-20200413-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1816403
reference_id	1816403
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1816403

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*

reference_url	https://access.redhat.com/errata/RHSA-2020:1276
reference_id	RHSA-2020:1276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1276

reference_url	https://access.redhat.com/errata/RHSA-2020:1277
reference_id	RHSA-2020:1277
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1277

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8551, GHSA-qhm4-jxv7-j9pq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptve-3k7k-cqcm

url VCID-qpg5-h1k8-yydt

vulnerability_id VCID-qpg5-h1k8-yydt

summary

Directory Traversal in Kubernetes
Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd.

references

reference_url

https://access.redhat.com/errata/RHSA-2015:1945

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:1945

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5305.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5305.json

reference_url

https://access.redhat.com/security/cve/CVE-2015-5305

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2015-5305

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5305

reference_id

reference_type

scores

value	0.00283
scoring_system	epss
scoring_elements	0.51735
published_at	2026-04-13T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51751
published_at	2026-04-12T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51773
published_at	2026-04-11T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51724
published_at	2026-04-09T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51728
published_at	2026-04-08T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51687
published_at	2026-04-02T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51761
published_at	2026-04-21T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51781
published_at	2026-04-18T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51775
published_at	2026-04-16T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51673
published_at	2026-04-07T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51713
published_at	2026-04-04T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51636
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5305

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1273969

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1273969

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/37f730f68c7f06e060f90714439bfb0dbb2df5e7

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/37f730f68c7f06e060f90714439bfb0dbb2df5e7

reference_url

https://github.com/kubernetes/kubernetes/commit/68f2add9bd5d43b9da1424d87d88f83d120e17d0

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/68f2add9bd5d43b9da1424d87d88f83d120e17d0

reference_url

https://github.com/kubernetes/kubernetes/pull/16381

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/16381

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5305

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5305

reference_url

https://pkg.go.dev/vuln/GO-2022-0701

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2022-0701

reference_url

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5305

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5305

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0::::enterprise:::
reference_id	cpe:2.3:a:redhat:openshift:3.0::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0::::enterprise:::

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2015-5305, GHSA-jp32-vmm6-3vf5

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpg5-h1k8-yydt

url VCID-qxw4-2hry-uuf4

vulnerability_id VCID-qxw4-2hry-uuf4

summary

Kubernetes Improper Input Validation vulnerability
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5528.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5528.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5528

reference_id

reference_type

scores

value	0.18507
scoring_system	epss
scoring_elements	0.95259
published_at	2026-04-21T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95257
published_at	2026-04-18T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95254
published_at	2026-04-16T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95246
published_at	2026-04-13T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95243
published_at	2026-04-12T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95242
published_at	2026-04-11T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95237
published_at	2026-04-09T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95233
published_at	2026-04-08T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95226
published_at	2026-04-07T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.95222
published_at	2026-04-04T12:55:00Z

value	0.18507
scoring_system	epss
scoring_elements	0.9522
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5528

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/121879

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/121879

reference_url

https://github.com/kubernetes/kubernetes/pull/121881

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/121881

reference_url

https://github.com/kubernetes/kubernetes/pull/121882

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/121882

reference_url

https://github.com/kubernetes/kubernetes/pull/121883

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/121883

reference_url

https://github.com/kubernetes/kubernetes/pull/121884

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/121884

reference_url

https://github.com/kubernetes/kubernetes/pull/121885

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/121885

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5528

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5528

reference_url

https://security.netapp.com/advisory/ntap-20240119-0009

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240119-0009

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2247163
reference_id	2247163
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2247163

reference_url	https://security.gentoo.org/glsa/202405-31
reference_id	GLSA-202405-31
reference_type
scores
url	https://security.gentoo.org/glsa/202405-31

reference_url	https://access.redhat.com/errata/RHSA-2023:7662
reference_id	RHSA-2023:7662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7662

reference_url	https://access.redhat.com/errata/RHSA-2023:7709
reference_id	RHSA-2023:7709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7709

reference_url	https://access.redhat.com/errata/RHSA-2023:7710
reference_id	RHSA-2023:7710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7710

reference_url	https://access.redhat.com/errata/RHSA-2024:0954
reference_id	RHSA-2024:0954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0954

reference_url	https://access.redhat.com/errata/RHSA-2024:1203
reference_id	RHSA-2024:1203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1203

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2023-5528, GHSA-hq6q-c2x6-hmch

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxw4-2hry-uuf4

url VCID-rwt5-ctc9-tba1

vulnerability_id VCID-rwt5-ctc9-tba1

summary

Kubernetes client-go library logs may disclose credentials to unauthorized users
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected.

references

reference_url

https://access.redhat.com/errata/RHSA-2019:4052

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:4052

reference_url

https://access.redhat.com/errata/RHSA-2019:4087

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:4087

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11250.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11250.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11250

reference_id

reference_type

scores

value	0.0081
scoring_system	epss
scoring_elements	0.74229
published_at	2026-04-12T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74248
published_at	2026-04-11T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74227
published_at	2026-04-09T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74212
published_at	2026-04-08T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74207
published_at	2026-04-04T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74179
published_at	2026-04-07T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74174
published_at	2026-04-01T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74262
published_at	2026-04-21T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.7427
published_at	2026-04-18T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.7426
published_at	2026-04-16T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74222
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245

reference_url

https://github.com/kubernetes/kubernetes/issues/81114

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/81114

reference_url

https://github.com/kubernetes/kubernetes/pull/81330

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/81330

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11250

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:N/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11250

reference_url

https://pkg.go.dev/vuln/GO-2021-0065

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2021-0065

reference_url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url

http://www.openwall.com/lists/oss-security/2020/10/16/2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/10/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1740434
reference_id	1740434
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1740434

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934801
reference_id	934801
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934801

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.3:-::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.15.4:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.16.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11250, GHSA-jmrx-5g74-6v2f

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rwt5-ctc9-tba1

url VCID-srhm-91w1-k3h7

vulnerability_id VCID-srhm-91w1-k3h7

summary kubelet: runAsNonRoot logic bypass for Windows containers

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25749.json

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25749.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25749

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11474
published_at	2026-04-01T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11601
published_at	2026-04-02T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11523
published_at	2026-04-21T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1154
published_at	2026-04-13T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.114
published_at	2026-04-18T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11659
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11447
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11532
published_at	2026-04-08T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11592
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11602
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11566
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25749

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2127808
reference_id	2127808
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2127808

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/qqTZgulISzA

reference_id

qqTZgulISzA

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-16T21:21:04Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/qqTZgulISzA

reference_url	https://access.redhat.com/errata/RHSA-2022:9096
reference_id	RHSA-2022:9096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9096

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25749

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-srhm-91w1-k3h7

url VCID-su6u-whda-fkdw

vulnerability_id VCID-su6u-whda-fkdw

summary 3: API server does not validate client-provided intermediate certificates correctly

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7075.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7075.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7075

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50773
published_at	2026-04-01T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.5083
published_at	2026-04-02T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50855
published_at	2026-04-04T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50813
published_at	2026-04-07T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.5087
published_at	2026-04-08T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50868
published_at	2026-04-09T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50909
published_at	2026-04-16T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50888
published_at	2026-04-12T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50871
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50915
published_at	2026-04-18T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50895
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7075

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7075
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7075

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1384112
reference_id	1384112
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1384112

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795652
reference_id	795652
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795652

reference_url	https://access.redhat.com/errata/RHSA-2016:2064
reference_id	RHSA-2016:2064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2064

fixed_packages

url	pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.5.5%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2016-7075

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su6u-whda-fkdw

url VCID-sur2-ewj3-8bgx

vulnerability_id VCID-sur2-ewj3-8bgx

summary

Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API
A security vulnerability has been discovered in Kubernetes windows nodes that could allow a user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host.  This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9042.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9042.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-9042

reference_id

reference_type

scores

value	0.00345
scoring_system	epss
scoring_elements	0.57154
published_at	2026-04-18T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57131
published_at	2026-04-13T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57151
published_at	2026-04-12T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57172
published_at	2026-04-11T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.5716
published_at	2026-04-09T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57107
published_at	2026-04-07T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.5713
published_at	2026-04-04T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57108
published_at	2026-04-02T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57158
published_at	2026-04-16T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57832
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-9042

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/45f4ccc2153bbb782253704cbe24c05e22b5d60c

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/45f4ccc2153bbb782253704cbe24c05e22b5d60c

reference_url

https://github.com/kubernetes/kubernetes/commit/5fe148234f8ab1184f26069c4f7bef6c37efe347

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/5fe148234f8ab1184f26069c4f7bef6c37efe347

reference_url

https://github.com/kubernetes/kubernetes/commit/75c83a6871dc030675288c6d63c275a43c2f0d55

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/75c83a6871dc030675288c6d63c275a43c2f0d55

reference_url

https://github.com/kubernetes/kubernetes/commit/fb0187c2bf7061258bb89891edb1237261eb7abc

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/fb0187c2bf7061258bb89891edb1237261eb7abc

reference_url

https://github.com/kubernetes/kubernetes/issues/129654

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:24:29Z/

url

https://github.com/kubernetes/kubernetes/issues/129654

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:24:29Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-9042

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-9042

reference_url

http://www.openwall.com/lists/oss-security/2025/01/16/1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/01/16/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2337297
reference_id	2337297
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2337297

reference_url	https://access.redhat.com/errata/RHSA-2025:8704
reference_id	RHSA-2025:8704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8704

reference_url	https://access.redhat.com/errata/RHSA-2025:9136
reference_id	RHSA-2025:9136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9136

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2024-9042, GHSA-vv39-3w5q-974q

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sur2-ewj3-8bgx

url VCID-tc46-9vdm-xudz

vulnerability_id VCID-tc46-9vdm-xudz

summary

Improper Authentication in Kubernetes
A security issue was discovered in the Kubelet and kube-proxy components of Kubernetes which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. For example, if a cluster administrator runs a TCP service on a node that listens on 127.0.0.1:1234, because of this bug, that service would be potentially reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. If the example service on port 1234 required no additional authentication (because it assumed that only other localhost processes could reach it), then it could be vulnerable to attacks that make use of this bug.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8558.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8558

reference_id

reference_type

scores

value	0.20149
scoring_system	epss
scoring_elements	0.95456
published_at	2026-04-01T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95493
published_at	2026-04-13T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95492
published_at	2026-04-12T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.9549
published_at	2026-04-11T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95485
published_at	2026-04-09T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95482
published_at	2026-04-08T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95476
published_at	2026-04-07T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95472
published_at	2026-04-04T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95466
published_at	2026-04-02T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95509
published_at	2026-04-21T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95506
published_at	2026-04-18T12:55:00Z

value	0.20149
scoring_system	epss
scoring_elements	0.95501
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8558

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1843358

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1843358

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/92315

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/92315

reference_url

https://github.com/tabbysable/POC-2020-8558

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tabbysable/POC-2020-8558

reference_url

https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE

reference_url

https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8558

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8558

reference_url

https://security.netapp.com/advisory/ntap-20200821-0001

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200821-0001

reference_url

https://www.openwall.com/lists/oss-security/2020/07/08/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2020/07/08/1

reference_url	https://access.redhat.com/errata/RHSA-2020:2412
reference_id	RHSA-2020:2412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2412

reference_url	https://access.redhat.com/errata/RHSA-2020:2413
reference_id	RHSA-2020:2413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2413

reference_url	https://access.redhat.com/errata/RHSA-2020:2926
reference_id	RHSA-2020:2926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2926

reference_url	https://access.redhat.com/errata/RHSA-2020:2927
reference_id	RHSA-2020:2927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2927

reference_url	https://access.redhat.com/errata/RHSA-2020:2992
reference_id	RHSA-2020:2992
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2992

reference_url	https://access.redhat.com/errata/RHSA-2020:3183
reference_id	RHSA-2020:3183
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3183

reference_url	https://access.redhat.com/errata/RHSA-2020:3184
reference_id	RHSA-2020:3184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3184

fixed_packages

url	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8558, GHSA-wqv3-8cm6-h6wg

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tc46-9vdm-xudz

url VCID-u8h6-kbws-8fbp

vulnerability_id VCID-u8h6-kbws-8fbp

summary

Sensitive Information leak via Log File in Kubernetes
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8563.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8563

reference_id

reference_type

scores

value	0.00075
scoring_system	epss
scoring_elements	0.22591
published_at	2026-04-21T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.2264
published_at	2026-04-18T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22643
published_at	2026-04-16T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22627
published_at	2026-04-13T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22684
published_at	2026-04-12T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22723
published_at	2026-04-11T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22705
published_at	2026-04-09T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22654
published_at	2026-04-08T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.2257
published_at	2026-04-01T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22578
published_at	2026-04-07T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22787
published_at	2026-04-04T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22743
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8563

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1886635

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1886635

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95621

reference_url

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95621

reference_url

https://github.com/kubernetes/kubernetes/pull/95236

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/95236

reference_url

https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96

reference_url

https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk

reference_url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8563

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8563

reference_url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_url	https://access.redhat.com/errata/RHSA-2020:5260
reference_id	RHSA-2020:5260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5260

reference_url	https://access.redhat.com/errata/RHSA-2020:5633
reference_id	RHSA-2020:5633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5633

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8563, GHSA-5xfg-wv98-264m

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8h6-kbws-8fbp

url VCID-uamg-zw29-yqgq

vulnerability_id VCID-uamg-zw29-yqgq

summary

kubernetes allows nodes to bypass dynamic resource allocation authorization checks
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4563.json

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4563

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10287
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10315
published_at	2026-04-16T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10446
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10468
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10501
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10471
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11297
published_at	2026-04-08T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11216
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11424
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11368
published_at	2026-04-02T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29701
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/132151

reference_url

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:57:05Z/

url

https://github.com/kubernetes/kubernetes/issues/132151

reference_url

https://github.com/kubernetes/kubernetes/pull/131844

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/131844

reference_url

https://github.com/kubernetes/kubernetes/pull/131875

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/131875

reference_url

https://github.com/kubernetes/kubernetes/pull/131876

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/131876

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T15:57:05Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-4563

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-4563

reference_url

https://pkg.go.dev/vuln/GO-2025-3774

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2025-3774

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2373839
reference_id	2373839
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2373839

reference_url

https://security.archlinux.org/AVG-2904

reference_id

AVG-2904

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2904

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2025-4563, GHSA-hj2p-8wj8-pfq4

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uamg-zw29-yqgq

url VCID-uge5-g4vw-n7de

vulnerability_id VCID-uge5-g4vw-n7de

summary

Kubernetes GitRepo Volume Inadvertent Local Repository Access
A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1767.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1767.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1767

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28606
published_at	2026-04-18T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.2863
published_at	2026-04-16T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28611
published_at	2026-04-13T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28659
published_at	2026-04-12T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.2874
published_at	2026-04-02T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28701
published_at	2026-04-09T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28661
published_at	2026-04-08T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28595
published_at	2026-04-07T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28788
published_at	2026-04-04T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28703
published_at	2026-04-11T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48222
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1767

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/130786

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:21:24Z/

url

https://github.com/kubernetes/kubernetes/pull/130786

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-13T19:21:24Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-1767

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-1767

reference_url

http://www.openwall.com/lists/oss-security/2025/03/13/9

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/13/9

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2351269
reference_id	2351269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2351269

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2025-1767, GHSA-3wgm-2gw2-vh5m

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uge5-g4vw-n7de

url VCID-vctf-a4t5-q7a2

vulnerability_id VCID-vctf-a4t5-q7a2

summary

Unverified Ownership in Kubernetes
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8554.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8554.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8554

reference_id

reference_type

scores

value	0.24784
scoring_system	epss
scoring_elements	0.96163
published_at	2026-04-18T12:55:00Z

value	0.24784
scoring_system	epss
scoring_elements	0.96159
published_at	2026-04-16T12:55:00Z

value	0.24784
scoring_system	epss
scoring_elements	0.9615
published_at	2026-04-13T12:55:00Z

value	0.24784
scoring_system	epss
scoring_elements	0.96148
published_at	2026-04-12T12:55:00Z

value	0.24784
scoring_system	epss
scoring_elements	0.96146
published_at	2026-04-09T12:55:00Z

value	0.24784
scoring_system	epss
scoring_elements	0.96142
published_at	2026-04-08T12:55:00Z

value	0.25265
scoring_system	epss
scoring_elements	0.96157
published_at	2026-04-01T12:55:00Z

value	0.25265
scoring_system	epss
scoring_elements	0.96175
published_at	2026-04-07T12:55:00Z

value	0.25265
scoring_system	epss
scoring_elements	0.96172
published_at	2026-04-04T12:55:00Z

value	0.25265
scoring_system	epss
scoring_elements	0.96208
published_at	2026-04-21T12:55:00Z

value	0.25265
scoring_system	epss
scoring_elements	0.96165
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8554

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/97076

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/97076

reference_url

https://github.com/kubernetes/kubernetes/issues/97110

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/97110

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8

reference_url

https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8554

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8554

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1891051
reference_id	1891051
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1891051

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793
reference_id	990793
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793

reference_url	https://access.redhat.com/errata/RHSA-2021:0079
reference_id	RHSA-2021:0079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0079

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.31.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.31.4%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8554, GHSA-j9wf-vvm6-4r9w

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vctf-a4t5-q7a2

url VCID-vj7p-66bc-7yam

vulnerability_id VCID-vj7p-66bc-7yam

summary

Symlink Attack in kubectl cp
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.

references

reference_url

https://access.redhat.com/errata/RHBA-2019:0619

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:0619

reference_url

https://access.redhat.com/errata/RHBA-2019:0620

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:0620

reference_url

https://access.redhat.com/errata/RHBA-2019:0636

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:0636

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002101.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1002101.json

reference_url	https://access.redhat.com/security/cve/cve-2019-1002101
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/cve-2019-1002101

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1002101

reference_id

reference_type

scores

value	0.49274
scoring_system	epss
scoring_elements	0.97759
published_at	2026-04-01T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97765
published_at	2026-04-02T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97783
published_at	2026-04-13T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97789
published_at	2026-04-16T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97792
published_at	2026-04-18T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.9779
published_at	2026-04-21T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97782
published_at	2026-04-12T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.9778
published_at	2026-04-11T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97777
published_at	2026-04-09T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97774
published_at	2026-04-08T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97769
published_at	2026-04-07T12:55:00Z

value	0.49274
scoring_system	epss
scoring_elements	0.97767
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1002101

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/kubernetes/commit/47063891dd782835170f500a83f37cc98c3c1013

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/47063891dd782835170f500a83f37cc98c3c1013

reference_url

https://github.com/kubernetes/kubernetes/pull/75037

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/75037

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPV2RE5RMOGUVP5WJMXKQJZUBBLAFZPZ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-1002101

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-1002101

reference_url

https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101

reference_url	https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/
reference_id
reference_type
scores
url	https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/

reference_url

http://www.openwall.com/lists/oss-security/2019/06/21/1

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/06/21/1

reference_url

http://www.openwall.com/lists/oss-security/2019/08/05/5

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/08/05/5

reference_url

http://www.securityfocus.com/bid/107652

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/107652

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1685213
reference_id	1685213
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1685213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:::::::*
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.14.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.14.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-1002101, GHSA-34jx-wx69-9x8v

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vj7p-66bc-7yam

url VCID-vu3k-upyc-x7av

vulnerability_id VCID-vu3k-upyc-x7av

summary

Potential proxy IP restriction bypass in Kubernetes
As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation Kubernetes does a DNS name resolution check and validates that response IPs are not in the link-local (169.254.0.0/16) or localhost (127.0.0.0/8) range. Kubernetes then performs a second DNS resolution without validation for the actual connection. If a non-standard DNS server returns different non-cached responses, a user may be able to bypass the proxy IP restriction and access private networks on the control plane. All versions of Kubernetes are impacted, and there is no fix in place.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8562.json

reference_id

reference_type

scores

value	2.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8562.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8562

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.17822
published_at	2026-04-21T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17847
published_at	2026-04-01T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18008
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18062
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17762
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1785
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.1791
published_at	2026-04-09T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17926
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17882
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17833
published_at	2026-04-13T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17775
published_at	2026-04-16T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17784
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8562

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8562
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8562

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/101493

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/101493

reference_url

https://github.com/kubernetes/kubernetes/issues/101493#issuecomment-2272095629

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/101493#issuecomment-2272095629

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/-MFX60_wdOY

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/-MFX60_wdOY

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8562

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8562

reference_url

https://security.netapp.com/advisory/ntap-20220225-0002

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220225-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1954914
reference_id	1954914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1954914

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793
reference_id	990793
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990793

reference_url

reference_id

AVG-1915

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25736.json

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8562, GHSA-qh36-44jv-c8xj

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vu3k-upyc-x7av

url VCID-w9b7-vajk-3kdq

vulnerability_id VCID-w9b7-vajk-3kdq

summary

Kube-proxy may unintentionally forward traffic
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters 
where the LoadBalancer controller sets the `status.loadBalancer.ingress[].ip` field are unaffected.

references

reference_url

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25736.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25736

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23684
published_at	2026-04-21T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23729
published_at	2026-04-01T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23846
published_at	2026-04-02T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23887
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23674
published_at	2026-04-07T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23744
published_at	2026-04-08T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23791
published_at	2026-04-09T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23806
published_at	2026-04-11T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23762
published_at	2026-04-12T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23705
published_at	2026-04-13T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23716
published_at	2026-04-16T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23706
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25736

reference_url

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/b014610de3e5cf1bb0f7844b5758d29fc18b75e6

reference_url

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/b014610de3e5cf1bb0f7844b5758d29fc18b75e6

reference_url

https://github.com/kubernetes/kubernetes/pull/99958

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/

url

https://github.com/kubernetes/kubernetes/pull/99958

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25736

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25736

reference_url

https://security.netapp.com/advisory/ntap-20231221-0003

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231221-0003

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1946538
reference_id	1946538
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1946538

reference_url

https://security.netapp.com/advisory/ntap-20231221-0003/

reference_id

ntap-20231221-0003

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:39:48Z/

url

https://security.netapp.com/advisory/ntap-20231221-0003/

reference_url	https://access.redhat.com/errata/RHSA-2021:2130
reference_id	RHSA-2021:2130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2130

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2021-25736, GHSA-35c7-w35f-xwgh

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9b7-vajk-3kdq

url VCID-wpwc-fkd7-qugm

vulnerability_id VCID-wpwc-fkd7-qugm

summary

Denial of service in Kubernetes
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8557

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.29503
published_at	2026-04-21T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29649
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29548
published_at	2026-04-18T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29574
published_at	2026-04-16T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29555
published_at	2026-04-13T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29607
published_at	2026-04-12T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29652
published_at	2026-04-11T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29612
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29678
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29729
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29549
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8557

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-55qj-gj3x-jq9r

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-55qj-gj3x-jq9r

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446

reference_url

https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e

reference_url

https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981

reference_url

https://github.com/kubernetes/kubernetes/issues/93032

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/93032

reference_url

https://github.com/kubernetes/kubernetes/pull/92921

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/92921

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8557

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8557

reference_url

https://pkg.go.dev/vuln/GO-2024-2753

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2024-2753

reference_url

https://security.netapp.com/advisory/ntap-20200821-0002

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200821-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1835977
reference_id	1835977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1835977

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3520
reference_id	RHSA-2020:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3520

reference_url	https://access.redhat.com/errata/RHSA-2020:3579
reference_id	RHSA-2020:3579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3579

reference_url	https://access.redhat.com/errata/RHSA-2020:3580
reference_id	RHSA-2020:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3580

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

reference_url	https://access.redhat.com/errata/RHSA-2020:3809
reference_id	RHSA-2020:3809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3809

reference_url	https://access.redhat.com/errata/RHSA-2021:3915
reference_id	RHSA-2021:3915
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3915

fixed_packages

url	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.18.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.18.5-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8557, GHSA-55qj-gj3x-jq9r

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpwc-fkd7-qugm

url VCID-wr54-j3ky-abfa

vulnerability_id VCID-wr54-j3ky-abfa

summary

Kubernetes Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5187.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5187.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5187

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06944
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06952
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06953
published_at	2026-04-09T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08891
published_at	2026-04-21T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08834
published_at	2026-04-02T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08883
published_at	2026-04-04T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08814
published_at	2026-04-07T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08892
published_at	2026-04-08T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08874
published_at	2026-04-13T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08765
published_at	2026-04-16T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.0874
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5187

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5187

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/a2d98cac56a0c5cb2d8abc4d087fc00846b3bc0f

reference_url

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/a2d98cac56a0c5cb2d8abc4d087fc00846b3bc0f

reference_url

https://github.com/kubernetes/kubernetes/issues/133471

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:27Z/

url

https://github.com/kubernetes/kubernetes/issues/133471

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/znSNY7XCztE

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:27Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/znSNY7XCztE

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-5187

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-5187

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2375801
reference_id	2375801
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2375801

fixed_packages

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2025-5187, GHSA-4x4m-3c2p-qppc

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wr54-j3ky-abfa

url VCID-x5e9-nj8f-aye9

vulnerability_id VCID-x5e9-nj8f-aye9

summary kubernetes: improper validation of URL redirection in the Kubernetes API server allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002102.json

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002102

reference_id

reference_type

scores

value	0.00206
scoring_system	epss
scoring_elements	0.42892
published_at	2026-04-01T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42962
published_at	2026-04-02T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42989
published_at	2026-04-04T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42927
published_at	2026-04-07T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42977
published_at	2026-04-12T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.4299
published_at	2026-04-09T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.43012
published_at	2026-04-11T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.4296
published_at	2026-04-13T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.4302
published_at	2026-04-16T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.43008
published_at	2026-04-18T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42945
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1002102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002102

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1784602
reference_id	1784602
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1784602

reference_url	https://access.redhat.com/errata/RHSA-2020:5363
reference_id	RHSA-2020:5363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5363

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2018-1002102

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5e9-nj8f-aye9

url VCID-xcss-tfeh-w7a6

vulnerability_id VCID-xcss-tfeh-w7a6

summary kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal

references

reference_url	https://access.redhat.com/errata/RHBA-2019:2794
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:2794

reference_url	https://access.redhat.com/errata/RHBA-2019:2816
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:2816

reference_url	https://access.redhat.com/errata/RHBA-2019:2824
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:2824

reference_url	https://access.redhat.com/errata/RHSA-2019:3239
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3239

reference_url	https://access.redhat.com/errata/RHSA-2019:3811
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3811

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11249.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11249.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11249

reference_id

reference_type

scores

value	0.02819
scoring_system	epss
scoring_elements	0.86087
published_at	2026-04-01T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86166
published_at	2026-04-21T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86156
published_at	2026-04-12T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86152
published_at	2026-04-13T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86169
published_at	2026-04-16T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86175
published_at	2026-04-18T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86097
published_at	2026-04-02T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86113
published_at	2026-04-04T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86112
published_at	2026-04-07T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86131
published_at	2026-04-08T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86143
published_at	2026-04-09T12:55:00Z

value	0.02819
scoring_system	epss
scoring_elements	0.86157
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11249

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kubernetes/kubernetes/issues/80984
reference_id
reference_type
scores
url	https://github.com/kubernetes/kubernetes/issues/80984

reference_url	https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ
reference_id
reference_type
scores
url	https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1737651
reference_id	1737651
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1737651

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11249

reference_id

CVE-2019-11249

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11249

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11249

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcss-tfeh-w7a6

url VCID-xw76-5x4h-y3az

vulnerability_id VCID-xw76-5x4h-y3az

summary

Sensitive Information leak via Log File in Kubernetes
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8566.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8566.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8566

reference_id

reference_type

scores

value	0.00091
scoring_system	epss
scoring_elements	0.25623
published_at	2026-04-21T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25648
published_at	2026-04-18T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25665
published_at	2026-04-16T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25663
published_at	2026-04-13T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25721
published_at	2026-04-12T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25761
published_at	2026-04-11T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.2575
published_at	2026-04-09T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25704
published_at	2026-04-08T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25631
published_at	2026-04-07T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25862
published_at	2026-04-04T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.2582
published_at	2026-04-02T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25748
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8566

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1886640

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1886640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8566
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8566

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95624

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/95624

reference_url

https://github.com/kubernetes/kubernetes/pull/95245

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/95245

reference_url

https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea

reference_url

https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk

reference_url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8566

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8566

reference_url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210122-0006

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341
reference_id	972341
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972341

reference_url	https://access.redhat.com/errata/RHSA-2021:0037
reference_id	RHSA-2021:0037
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0037

fixed_packages

url	pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.19.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.19.3-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2020-8566, GHSA-5x96-j797-5qqw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw76-5x4h-y3az

url VCID-zb2s-uwse-zfdf

vulnerability_id VCID-zb2s-uwse-zfdf

summary

Kubernetes kube-apiserver unauthorized access
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.

references

reference_url

https://access.redhat.com/errata/RHBA-2019:2816

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:2816

reference_url

https://access.redhat.com/errata/RHBA-2019:2824

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:2824

reference_url

https://access.redhat.com/errata/RHSA-2019:2690

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:2690

reference_url

https://access.redhat.com/errata/RHSA-2019:2769

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:2769

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11247.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11247.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11247

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51558
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51506
published_at	2026-04-01T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59658
published_at	2026-04-21T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59617
published_at	2026-04-04T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59586
published_at	2026-04-07T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59637
published_at	2026-04-08T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59651
published_at	2026-04-09T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.5967
published_at	2026-04-11T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59653
published_at	2026-04-12T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59634
published_at	2026-04-13T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59667
published_at	2026-04-16T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59674
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11247

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/kubernetes/apiextensions-apiserver

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/apiextensions-apiserver

reference_url

https://github.com/kubernetes/apiextensions-apiserver/commit/b9b7d2b3f32f8edbeb47b8726710eeb868bce196

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/apiextensions-apiserver/commit/b9b7d2b3f32f8edbeb47b8726710eeb868bce196

reference_url

https://github.com/kubernetes/kubernetes/issues/80983

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/80983

reference_url

https://github.com/kubernetes/kubernetes/pull/80750

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/80750

reference_url

https://github.com/kubernetes/kubernetes/pull/80850

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/80850

reference_url

https://github.com/kubernetes/kubernetes/pull/80851

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/80851

reference_url

https://github.com/kubernetes/kubernetes/pull/80852

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/80852

reference_url

https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11247

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11247

reference_url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190919-0003

reference_url	https://security.netapp.com/advisory/ntap-20190919-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190919-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1732192
reference_id	1732192
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1732192

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933988
reference_id	933988
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933988

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_id	cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:::::::*

reference_url	https://access.redhat.com/errata/RHSA-2019:2504
reference_id	RHSA-2019:2504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2504

fixed_packages

url	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.17.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.17.4-1%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2019-11247, GHSA-fp37-c92q-4pwq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zb2s-uwse-zfdf

url VCID-zexe-7ywv-cbcf

vulnerability_id VCID-zexe-7ywv-cbcf

summary

Kubernetes sets incorrect permissions on Windows containers logs
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5321.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5321.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-5321

reference_id

reference_type

scores

value	0.00071
scoring_system	epss
scoring_elements	0.21579
published_at	2026-04-21T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21609
published_at	2026-04-18T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21602
published_at	2026-04-16T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21604
published_at	2026-04-13T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21661
published_at	2026-04-12T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.217
published_at	2026-04-11T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21688
published_at	2026-04-09T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.2163
published_at	2026-04-08T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21553
published_at	2026-04-07T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21802
published_at	2026-04-04T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21747
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-5321

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa

reference_url

https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a

reference_url

https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190

reference_url

https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1

reference_url

https://github.com/kubernetes/kubernetes/issues/126161

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:30:40Z/

url

https://github.com/kubernetes/kubernetes/issues/126161

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:30:40Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-5321

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-5321

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2298752
reference_id	2298752
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2298752

reference_url	https://access.redhat.com/errata/RHSA-2024:6460
reference_id	RHSA-2024:6460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6460

reference_url	https://access.redhat.com/errata/RHSA-2024:6461
reference_id	RHSA-2024:6461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6461

reference_url	https://access.redhat.com/errata/RHSA-2024:6734
reference_id	RHSA-2024:6734
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6734

fixed_packages

url	pkg:deb/debian/kubernetes@0?distro=trixie
purl	pkg:deb/debian/kubernetes@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@0%3Fdistro=trixie

url pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

purl pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42kp-8t9h-dfat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.20.5%2Breally1.20.2-1.1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.20.5%252Breally1.20.2-1.1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
purl	pkg:deb/debian/kubernetes@1.32.3%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.32.3%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
purl	pkg:deb/debian/kubernetes@1.33.4%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kubernetes@1.33.4%252Bds-1%3Fdistro=trixie

aliases CVE-2024-5321, GHSA-82m2-cv7p-4m75

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zexe-7ywv-cbcf

url VCID-zfkg-9qsx-83f1

vulnerability_id VCID-zfkg-9qsx-83f1

summary

Kubernetes arbitrary file overwrite
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.

references

reference_url

https://access.redhat.com/errata/RHSA-2018:0475

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0475

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002102.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1002102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002102

reference_id

reference_type

scores

value	0.00488
scoring_system	epss
scoring_elements	0.65488
published_at	2026-04-21T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65478
published_at	2026-04-09T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65497
published_at	2026-04-11T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65484
published_at	2026-04-12T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65456
published_at	2026-04-13T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65493
published_at	2026-04-16T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65504
published_at	2026-04-18T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65374
published_at	2026-04-01T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65423
published_at	2026-04-02T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.6545
published_at	2026-04-04T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65414
published_at	2026-04-07T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65467
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1002102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1002102

reference_url

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url