ALT-PU-2021-3547-1

Package update kubernetes in branch p10

Version1.22.4-alt2

Published2021-12-16

Max severityHIGH

Severity:

Closed issues (2)

HIGH8.8

Уязвимость программы для оркестровки контейнеризированных приложений Kubernetes, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти введенные ограничения безопасности

Published: 2021-12-17Modified: 2026-03-18

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2021-25741

HIGH8.1

A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.

Published: 2021-09-20Modified: 2024-11-21

CVSS 2.0MEDIUM 5.5

CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:N

CVSS 3.xHIGH 8.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References