Kubernetes Engine Google Kubernetes Engine

Do you want an email whenever new security vulnerabilities are reported in Google Kubernetes Engine?

By the Year

In 2024 there have been 0 vulnerabilities in Google Kubernetes Engine . Kubernetes Engine did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 2 6.45
2018 0 0.00

It may take a day or so for new Kubernetes Engine vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Kubernetes Engine Security Vulnerabilities

Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace

CVE-2019-10365 4.3 - Medium - July 31, 2019

Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission.

Exposure of Resource to Wrong Sphere

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access

CVE-2019-5736 8.6 - High - February 11, 2019

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Shell injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Micro Focus Service Management Automation or by Google? Click the Watch button to subscribe.

Google
Vendor

subscribe