Kubernetes Vulnerabilities
Kubernetes Kubernetes vulnerabilities.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Server Side Request Forgery Vulnerability in Portworx for Kubernetes
CVE-2025-13281KubernetesKubernetes5.8MEDIUMCertificate Validation Flaw in Kubernetes C# Client
CVE-2025-9708KubernetesKubernetes Csharp Client6.8MEDIUMVulnerability in NodeRestriction Admission Controller of Kubernetes
CVE-2025-5187KubernetesKubernetes6.7MEDIUMNodeRestriction Admission Controller Vulnerability in Kubernetes
CVE-2025-4563KubernetesKubernetes2.7LOWSecurity vulnerability in Kubernetes clusters with Windows nodes
CVE-2024-5321KubernetesKubernetes6.1MEDIUMSecurity Issue in Kubernetes: Bypassing Mountable Secrets Policy with envFrom Field
CVE-2024-3177KubernetesKubernetes2.7LOWWindows kube-proxy LoadBalancer contention
CVE-2021-25736KubernetesKubernetes6.3MEDIUMBypassing policies imposed by the ImagePolicyWebhook admission plugin
CVE-2023-2727KubernetesKubernetes6.5MEDIUMBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
CVE-2023-2728KubernetesKubernetes6.5MEDIUMBypass of seccomp profile enforcement
CVE-2023-2431KubernetesKubernetes3.4LOWIngress-nginx `path` sanitization can be bypassed with newline character
CVE-2021-25748KubernetesKubernetes Ingress-nginx7.6HIGHrunAsNonRoot logic bypass for Windows containers
CVE-2021-25749KubernetesKubernetes7.8HIGHUnauthorized read of Custom Resources
CVE-2022-3162KubernetesKubernetes6.5MEDIUMNode address isn't always verified when proxying
CVE-2022-3294KubernetesKubernetes👾🟡6.6MEDIUMInsecure Handling of Tar Data in Kubernetes by Vendor K8s
CVE-2018-1002100KubernetesKubernetes4.2MEDIUMIngress-nginx path can be pointed to service account token file
CVE-2021-25745KubernetesKubernetes Ingress-nginx7.6HIGHIngress-nginx directive injection via annotations
CVE-2021-25746KubernetesKubernetes Ingress-nginx7.6HIGHBypass of Kubernetes API Server proxy TOCTOU
CVE-2020-8562KubernetesKubernetes2.2LOWANSI escape characters in kubectl output are not being filtered
CVE-2021-25743KubernetesKubernetes3LOWIngress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
CVE-2021-25742KubernetesKubernetes Ingress-nginx7.6HIGHCode exec via yaml parsing
CVE-2021-25738KubernetesKubernetes Java Client6.7MEDIUMWebhook redirect in kube-apiserver
CVE-2020-8561KubernetesKubernetes4.1MEDIUMHoles in EndpointSlice Validation Enable Host Network Hijack
CVE-2021-25740KubernetesKubernetes3.1LOWSymlink Exchange Can Allow Host Filesystem Access
CVE-2021-25741KubernetesKubernetes👾🟡EPSS 33%8.8HIGHValidating Admission Webhook does not observe some previous fields
CVE-2021-25735KubernetesKubernetes👾🟡EPSS 14%6.5MEDIUM