The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of K8s

Kubernetes: privilege escalation via kube-apiserver
An attacker can bypass restrictions via kube-apiserver of Kubernetes, in order to escalate his privileges...
6344297, CVE-2020-8559, VIGILANCE-VUL-32841
Kubernetes: denial of service via kubelet /etc/hosts
An attacker can trigger a fatal error via kubelet /etc/hosts of Kubernetes, in order to trigger a denial of service...
6344297, CVE-2020-8557, VIGILANCE-VUL-32840
Kubernetes: information disclosure via Kube-proxy TCP/UDP Services Access
An attacker can bypass access restrictions to data via Kube-proxy TCP/UDP Services Access of Kubernetes, in order to obtain sensitive information...
CVE-2020-8558, VIGILANCE-VUL-32781
Kubernetes kubelet: Man-in-the-Middle via IPv6 Router Advertisement
An attacker can act as a Man-in-the-Middle via an IPv6 Router Advertisement against Kubernetes kubelet, in order to read or write data in the session...
CVE-2020-10749, openSUSE-SU-2020:1049-1, openSUSE-SU-2020:1050-1, RHSA-2020:2684-01, SUSE-SU-2020:1957-1, VIGILANCE-VUL-32382
Kubernetes: Server Side Request Forgery via kube-controller-manager
An attacker can trigger a Server Side Request Forgery via kube-controller-manager of Kubernetes, in order to force the victim to perform operations...
CVE-2020-8555, VIGILANCE-VUL-32381
Kubernetes: vulnerability via Debian Iptables/Base
A vulnerability via Debian Iptables/Base of Kubernetes was announced...
VIGILANCE-VUL-32317
Kubernetes: overload via kube-apiserver YAML
An attacker can trigger an overload via kube-apiserver YAML of Kubernetes, in order to trigger a denial of service...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, 89535, CVE-2019-11254, VIGILANCE-VUL-31915
Kubernetes: denial of service via API Server
An attacker can trigger a fatal error via API Server of Kubernetes, in order to trigger a denial of service...
6234196, CVE-2020-8552, VIGILANCE-VUL-31861
Kubernetes: denial of service via Kubelet
An attacker can trigger a fatal error via Kubelet of Kubernetes, in order to trigger a denial of service...
6234196, CVE-2020-8551, VIGILANCE-VUL-31860
Kubernetes: information disclosure via API Server URL Redirection
An attacker can bypass access restrictions to data via API Server URL Redirection of Kubernetes, in order to obtain sensitive information...
85867, CVE-2018-1002102, FEDORA-2020-943f4b03d2, VIGILANCE-VUL-31306
Our database contains other pages. You can request a free trial to read them.

Display information about K8s: