Kubernetes Official CVE Feed

ingress-nginx Admission Controller denial of service

ingress-nginx auth-url protection bypass

ingress-nginx rules.http.paths.path nginx configuration injection

ingress-nginx auth-method nginx configuration injection

Credential caching in Headlamp with Helm enabled

Portworx Half-Blind SSRF in kube-controller-manager

Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks

secrets-store-sync-controller discloses service account tokens in logs

Nodes can delete themselves by adding an OwnerReference

VM images built with Kubernetes Image Builder Nutanix or OVA providers use default credentials for Windows images if user did not override

Nodes can bypass dynamic resource allocation authorization checks

ingress-nginx admission controller RCE escalation

ingress-nginx controller configuration injection via unsanitized mirror annotations

ingress-nginx controller configuration injection via unsanitized auth-tls-match-cn annotation

ingress-nginx controller configuration injection via unsanitized auth-url annotation

ingress-nginx controller auth secret file path traversal vulnerability

GitRepo Volume Inadvertent Local Repository Access

Node Denial of Service via kubelet Checkpoint API

Command Injection affecting Windows nodes via nodes/*/logs/query API

Arbitrary command execution through gitRepo volume