Upcoming Critical OpenSSL Vulnerability
This blog covers a developing story and it will be updated as new information and...
K8s Vulnerabilities
CVE-2022-3172 – kube-apiserver can allow an aggregated API server to redirect client traffic to any URL
A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API...
CVE-2022-23648 – Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes
Recently discovered vulnerability – CVE-2022-23648 – in containerd, a popular container runtime, allows especially containers...
CVE-2022-0492 – Privilege Escalation and Container Escape Vulnerability and its impact on Kubernetes
On March 4th, a new privilege escalation vulnerability (CVE-2022-0492) in the Linux kernel was published....
CVE 2022-24348 – Argo CD High Severity Vulnerability and its impact on Kubernetes
Researcher Moshe Zioni from Apiiro, discovered a major software supply chain critical vulnerability – CVE-2022-24348...
CVE-2022-0185 – What does the newest kernel exploit mean for Kubernetes users and how to detect it?
TL;DR Linux maintainers disclosed a broadly available Linux kernel vulnerability – CVE-2022-0185 – that enables...
CVE-2021-44228 – Log4Shell – Vulnerability and its impact on Kubernetes
On Dec 9th, a critical zero-day vulnerability – CVE-2021-44228 – was announced concerning the Java...
New Kubernetes high severity vulnerability alert: CVE-2021-25742
On Oct 21st, the Kubernetes Security Response Committee issued an alert that a new high severity vulnerability...
Continue as a guest