The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of K8s

Kubernetes: information disclosure via API Server URL Redirection
An attacker can bypass access restrictions to data via API Server URL Redirection of Kubernetes, in order to obtain sensitive information...
85867, CVE-2018-1002102, FEDORA-2020-943f4b03d2, VIGILANCE-VUL-31306
Kubernetes: information disclosure via Container Storage Interface
An attacker can bypass access restrictions to data via Container Storage Interface of Kubernetes, in order to obtain sensitive information...
CVE-2019-11255, VIGILANCE-VUL-30883
Kubernetes: infinite loop via Json/yaml Decoding
An attacker can trigger an infinite loop via Json/yaml Decoding of Kubernetes, in order to trigger a denial of service...
1167142, 83253, CVE-2019-11253, VIGILANCE-VUL-30640
Kubernetes: directory traversal via Kubectl Symlinks
An attacker can traverse directories via Kubectl Symlinks of Kubernetes, in order to create a file outside the service root path...
1274986, CVE-2019-11251, VIGILANCE-VUL-30362
Kubernetes: information disclosure via Bearer Tokens
An attacker can bypass access restrictions to data via Bearer Tokens of Kubernetes, in order to obtain sensitive information...
81114, CVE-2019-11250, FEDORA-2019-2b8ef08c95, VIGILANCE-VUL-30148
Kubernetes: information disclosure via /debug/pprof
An attacker can bypass access restrictions to data via /debug/pprof of Kubernetes, in order to obtain sensitive information...
CVE-2019-11248, FEDORA-2019-2b8ef08c95, VIGILANCE-VUL-30147
Kubernetes: file creation via Kubectl Cp
A local attacker can create or overwrite a file when "kubectl cp" is used...
1167154, 80984, CVE-2019-11249, FEDORA-2019-2b8ef08c95, VIGILANCE-VUL-29949
Kubernetes: read-write access via API Server Cluster-scoped Resource
An attacker can bypass access restrictions via API Server Cluster-scoped Resource of Kubernetes, in order to read or alter data...
1167154, 80983, CVE-2019-11247, FEDORA-2019-2b8ef08c95, VIGILANCE-VUL-29948
Kubernetes: directory traversal via kubectl cp
An attacker can traverse directories via kubectl cp of Kubernetes, in order to read a file outside the service root path...
CVE-2019-11246, FEDORA-2019-2b8ef08c95, ibm10960606, VIGILANCE-VUL-29589
Kubernetes kubelet: privilege escalation via Root Uid Container
An attacker can bypass restrictions via Root Uid Container of Kubernetes kubelet, in order to escalate his privileges...
CVE-2019-11245, VIGILANCE-VUL-29443
Our database contains other pages. You can request a free trial to read them.

Display information about K8s: