ALT-PU-2020-2454-2

Package update kubernetes in branch sisyphus

Version: 1.18.6-alt1
Published: 2026-02-04
Max severity: MEDIUM

Closed issues (5)

BDU:2024-06031
MEDIUM 6.8

A vulnerability in the kube-apiserver component of the Kubernetes virtual machine cluster management software that allows an attacker to escalate privileges

Published: 2024-08-07
Modified: 2024-08-26
CVSS 3.x: MEDIUM 6.8
CVSS:3.x/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0: HIGH 8.3
CVSS:2.0/AV:N/AC:L/Au:M/C:C/I:C/A:C
References
CVE-2020-8557
MEDIUM 5.5

The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 does not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

Published: 2020-07-23
Modified: 2024-11-21
CVSS 2.0: LOW 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.x: MEDIUM 5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-8559
MEDIUM 6.8

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6, is vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

Published: 2020-07-22
Modified: 2024-11-21
CVSS 2.0: MEDIUM 6.0
CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS 3.x: MEDIUM 6.8
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H