kubelet
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | An agent that runs on each node in a Kubernetes cluster making sure that containers are running in a Pod |
| Version |
1.24.0-1 [community-testing] 1.23.6-2 [community] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1915 | 1.23.0-1 | Low | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-25740 | AVG-1915 | Low | Yes | Insufficient validation | A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a... |
| CVE-2020-8562 | AVG-1915 | Low | Yes | Access restriction bypass | A security issue was discovered in Kubernetes where an authorized user may be able to access private networks on the Kubernetes control plane components.... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2393 | 1.22.1-1 | 1.22.2-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-25741 | AVG-2393 | High | Yes | Arbitrary filesystem access | A security issue was discovered in kubelet before version 1.22.2 where a user may be able to create a container with subpath volume mounts to access files &... |