Kubernetes Kube Apiserver
By the Year
In 2024 there have been 0 vulnerabilities in Kubernetes Kube Apiserver . Last year Kube Apiserver had 1 security vulnerability published. Right now, Kube Apiserver is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Kube Apiserver vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Kubernetes Kube Apiserver Security Vulnerabilities
An authentication bypass vulnerability was discovered in kube-apiserver
CVE-2023-1260
8 - High
- September 24, 2023
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openshift Container Platform or by Kubernetes? Click the Watch button to subscribe.
