kubernetes (SUSE:Linux Enterprise Module for Containers 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Containers 15 SP1 package kubernetes, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2020-15112 — CVSS 6.5 (medium): In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method…
CVE-2020-15106 — CVSS 6.5 (medium): In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length…
CVE-2020-8557 — CVSS 5.5 (medium): The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which…
CVE-2020-8566 — CVSS 4.7 (medium): In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to…
CVE-2020-8565 — CVSS 4.7 (medium): In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both…
CVE-2020-15184 — CVSS 3.7 (low): In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could…
CVE-2020-15186 — CVSS 3.4 (low): In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use…
CVE-2020-15187 — CVSS 3.0 (low): In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a…
CVE-2020-15185 — CVSS 2.2 (low): In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a…