Kubernetes Official CVE Feed

Aggregated API server can cause clients to be redirected (SSRF)

`runAsNonRoot` logic bypass for Windows containers

Ingress-nginx `path` sanitization can be bypassed with newline character

Ingress-nginx directive injection via annotations

Ingress-nginx `path` can be pointed to service account token file

Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces

Symlink Exchange Can Allow Host Filesystem Access

Webhook redirect in kube-apiserver

Endpoint & EndpointSlice permissions allow cross-Namespace forwarding

Holes in EndpointSlice Validation Enable Host Network Hijack

Bypass of Kubernetes API Server proxy TOCTOU

Processes may panic upon receipt of malicious protobuf messages

Validating Admission Webhook does not observe some previous fields

Man in the middle using LoadBalancer or ExternalIPs

Ceph RBD adminSecrets exposed in logs when loglevel >= 4

Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9

Docker config secrets leaked when file is malformed and log level >= 4

Secret leaks in kube-controller-manager when using vSphere provider

Node disk DOS by writing to container /etc/hosts

Privilege escalation from compromised node to cluster