Kubernetes - CVE CyberSecurity Database News (Page 2)

Oct 31, 2023 Windows Kubernetes kubelet

CVE-2023-3955: Critical Privilege Escalation Vulnerability in Kubernetes Affecting Windows Nodes

A high-severity security vulnerability (CVE-2023-3955) has been discovered in Kubernetes that can allow attackers to escalate their privileges on Windows nodes. This issue currently affects

Oct 25, 2023 Exploit Kubernetes ingress-nginx

CVE-2023-5043 - Ingress NGINX Annotation Injection Leading to Arbitrary Command Execution: Detailed Exploration and Mitigation Techniques

A recently disclosed vulnerability, assigned the identifier CVE-2023-5043, poses a significant risk to users of Kubernetes and the NGINX Ingress controller. This critical security flaw

Oct 25, 2023 Exploit Kubernetes ingress-nginx

CVE-2023-5044 - Code Injection Vulnerability in Nginx Ingress Controller for Kubernetes using nginx.ingress.kubernetes.io/permanent-redirect Annotation

A recent vulnerability, CVE-2023-5044, has been discovered that allows malicious users to inject arbitrary code into the Nginx Ingress controller. This is a critical security

Oct 25, 2023 Exploit Kubernetes ingress-nginx

CVE-2022-4886: Bypassing Ingress-nginx `path` Sanitization using `log_format` Directive – A Detailed Analysis with Exploit Details and Code Snippets

The latest vulnerability to make headlines is CVE-2022-4886, which affects the Ingress-nginx controller. This vulnerability allows an attacker to bypass the path sanitization by leveraging

Sep 24, 2023 Kubernetes

CVE-2023-1260: Authentication Bypass Vulnerability in kube-apiserver Allowing Privileged Pod Control

A critical vulnerability classified as CVE-2023-1260 has been identified in kube-apiserver, the core component of the Kubernetes control plane. This authentication bypass vulnerability could potentially