K8s Vulnerabilities

CVE-2022-47633
  • Dec 21, 2022

CVE-2022-47633: Kyverno’s container image signature verification can be bypassed by a malicious registry or proxy

Security researchers at ARMO have found a high-severity vulnerability in the Kyverno admission controller container...

Ben Hirschberg

CTO & Co-founder
  • Nov 23, 2022

2022 Kubernetes Vulnerabilities – Main Takeaways 

All the main K8s vulnerabilities from 2022 consolidated into one article. Read all about it...

Ben Hirschberg

CTO & Co-founder
  • Nov 11, 2022

CVE-2022-39328: Unauthorized access to arbitrary endpoints in Grafana codebase

Grafana Labs published a security advisory for a new critical vulnerability in its open-source product....

Ben Hirschberg

CTO & Co-founder

 Upcoming Critical OpenSSL Vulnerability
  • Oct 28, 2022

Upcoming Critical OpenSSL Vulnerability

This blog covers a developing story and it will be updated as new information and...

Ben Hirschberg

CTO & Co-founder
  • Sep 19, 2022

CVE-2022-3172 – kube-apiserver can allow an aggregated API server to redirect client traffic to any URL 

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API...

Ben Hirschberg

CTO & Co-founder
  • Sep 8, 2022

CVE-2022-0492 – Privilege Escalation and Container Escape Vulnerability and its impact on Kubernetes

On March 4th, a new privilege escalation vulnerability (CVE-2022-0492) in the Linux kernel was published....

Ben Hirschberg

CTO & Co-founder
  • Mar 29, 2022

CVE-2022-23648 – Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Recently discovered vulnerability – CVE-2022-23648 –  in containerd, a popular container runtime, allows especially containers...

Ben Hirschberg

CTO & Co-founder
  • Feb 6, 2022

CVE 2022-24348 – Argo CD High Severity Vulnerability and its impact on Kubernetes

Researcher Moshe Zioni from Apiiro, discovered a major software supply chain critical vulnerability – CVE-2022-24348...

Amir Kaushansky

VP Product
  • Jan 23, 2022

CVE-2022-0185 – What does the newest kernel exploit mean for Kubernetes users and how to detect it?

TL;DR Linux maintainers disclosed a broadly available Linux kernel vulnerability – CVE-2022-0185 – that enables...

Ben Hirschberg

CTO & Co-founder
  • Dec 12, 2021

CVE-2021-44228 – Log4Shell – Vulnerability and its impact on Kubernetes

On Dec 9th, a critical zero-day vulnerability – CVE-2021-44228 – was announced concerning the Java...

Ben Hirschberg

CTO & Co-founder
  • Oct 22, 2021

New Kubernetes high severity vulnerability alert: CVE-2021-25742

On Oct 21st, the Kubernetes Security Response Committee issued an alert that a new high severity vulnerability...

Shauli Rozen

CEO & Co-founder
slack_logos Continue to Slack

Get the information you need directly from our experts!

new-messageContinue as a guest