厂商漏洞
「kubernetes」的相关漏洞
| 产品名称 | AVD编号 | 漏洞名称 | 披露时间 |
|---|---|---|---|
| Container Storage Interface Snapshotter | |||
| AVD-2020-8569 | kubernetes container_storage_interface_snapshotter 空指针解引用 | 2021-01-22 | |
| Continuous Deploy | |||
| AVD-2022-27209 | kubernetes continuous_deploy 授权机制缺失 | 2022-03-16 | |
| Cri-O | |||
| AVD-2022-0811 | CRI-O 任意代码执行漏洞 | 2022-03-17 | |
| AVD-2018-1000400 | Kubernetes CRI-O权限获取漏洞 | 2018-05-19 | |
| AVD-2022-0532 | kubernetes cri-o 关键资源的不正确权限授予 | 2022-02-10 | |
| AVD-2022-27652 | cri-o 安全漏洞(CVE-2022-27652) | 2022-04-20 | |
| AVD-2022-1708 | kubernetes cri-o 未加控制的资源消耗(资源穷尽) | 2022-06-08 | |
| AVD-2019-14891 | cri-o Container Memory Exhaustion 拒绝服务漏洞 | 2019-11-26 | |
| Dashboard | |||
| AVD-2018-18264 | Kubernetes Dashboard身份验证绕过漏洞 | 2019-01-03 | |
| External-Provisioner | |||
| AVD-2019-11255 | CSI卷快照、克隆和调整大小功能可能导致未经授权的卷数据访问或突变 | 2019-12-06 | |
| External-Resizer | |||
| AVD-2019-11255 | CSI卷快照、克隆和调整大小功能可能导致未经授权的卷数据访问或突变 | 2019-12-06 | |
| External-Snapshotter | |||
| AVD-2019-11255 | CSI卷快照、克隆和调整大小功能可能导致未经授权的卷数据访问或突变 | 2019-12-06 | |
| Ingress-Nginx | |||
| AVD-2021-25746 | Linux ingress-nginx 安全漏洞(CVE-2021-25746) | 2022-04-26 | |
| AVD-2021-25745 | Linux ingress-nginx 安全漏洞(CVE-2021-25745) | 2022-04-26 | |
| AVD-2020-8553 | Kubernetes ingress-nginx 安全漏洞 | 2020-07-30 | |
| AVD-2021-25742 | Kubernetes ingress-nginx Snippet Feature input validation | 2021-10-29 | |
| Java | |||
| AVD-2020-8570 | kubernetes java 对路径名的限制不恰当(路径遍历) | 2021-01-22 | |
| AVD-2021-25738 | kubernetes java 输入验证不恰当 | 2021-10-12 | |
| Kube-Rbac-Proxy | |||
| AVD-2019-3818 | 配置的不正确应用允许不安全的密码和TLS 1.0 | 2019-02-06 | |
| Kube-State-Metrics | |||
| AVD-2019-10223 | kube-state-metrics 信息泄露漏洞 | 2019-11-06 | |
| Kubernetes | |||
| AVD-2020-8557 | Kubernetes kubelet 资源管理错误漏洞 | 2020-07-24 | |
| AVD-2019-11243 | Google Kubernetes 信任管理问题漏洞 | 2019-04-23 | |
| AVD-2019-11247 | kubectl 权限许可和访问控制问题漏洞 | 2019-08-29 | |
| AVD-2018-1002102 | Google Kubernetes 输入验证错误漏洞 | 2019-12-06 | |
| AVD-2019-11254 | Kubernetes up to 1.1-1.14/1.15.9/1.16.6/1.17.2 kube-apiserver CPU Exhaustion 拒绝服务漏洞 | 2020-04-02 | |
| AVD-2020-8563 | Kubernetes日志信息泄露漏洞 | 2020-12-08 | |
| AVD-2020-8566 | Kubernetes日志信息泄露漏洞 | 2020-12-08 | |
| AVD-2020-8554 | Kubernetes中间人攻击漏洞 | 2021-01-22 | |
| AVD-2016-1905 | Google Kubernetes API服务器安全绕过漏洞 | 2016-02-04 | |
| AVD-2017-1000056 | Google Kubernetes权限提升漏洞 | 2017-07-18 |