k8s.io/kubernetes vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-13281Mediumk8s.io/kubernetes: kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClassCVE-2025-5187Mediumk8s.io/kubernetes: Kubernetes Nodes can delete themselves by adding an OwnerReferenceCVE-2025-4563Lowk8s.io/kubernetes: kubernetes allows nodes to bypass dynamic resource allocation authorization checksCVE-2025-1767Mediumk8s.io/kubernetes: Kubernetes GitRepo Volume Inadvertent Local Repository AccessCVE-2024-9042Mediumk8s.io/kubernetes: Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query APICVE-2025-0426Mediumk8s.io/kubernetes: Node Denial of Service via kubelet Checkpoint APICVE-2024-10220Highk8s.io/kubernetes: Kubernetes kubelet arbitrary command executionCVE-2024-0793Highk8s.io/kubernetes: Kubernetes Nil pointer dereference in KCM after v1 HPA patch requestCVE-2024-5321Highk8s.io/kubernetes: Kubernetes sets incorrect permissions on Windows containers logsCVE-2020-8559Mediumk8s.io/apimachinery: Privilege Escalation in KubernetesCVE-2024-3177Lowk8s.io/kubernetes: Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission pluginCVE-2023-5528Highk8s.io/kubernetes: Kubernetes Improper Input Validation vulnerabilityCVE-2023-3955Highk8s.io/kubernetes: Kubernetes privilege escalation vulnerabilityCVE-2023-3676Highk8s.io/kubernetes: Kubernetes privilege escalation vulnerabilityCVE-2021-25736Mediumk8s.io/kubernetes: Kube-proxy may unintentionally forward trafficCVE-2023-2728Mediumk8s.io/kubernetes: Kubernetes mountable secrets policy bypassCVE-2023-2727Mediumk8s.io/kubernetes: kube-apiserver vulnerable to policy bypassCVE-2023-2431Mediumk8s.io/kubernetes: Kubelet vulnerable to bypass of seccomp profile enforcementCVE-2020-8565Mediumk8s.io/client-go: Kubernetes client-go vulnerable to Sensitive Information Leak via Log FileCVE-2020-8564Mediumgithub.com/kubernetes/kubernetes: Kubernetes Sensitive Information leak via Log FileCVE-2019-11250Mediumk8s.io/client-go: Kubernetes client-go library logs may disclose credentials to unauthorized usersCVE-2019-11243Highk8s.io/kubernetes: Kubernetes did not effectively clear service account credentialsCVE-2017-1002102Mediumk8s.io/kubernetes: Kubernetes arbitrary file overwriteCVE-2018-1002100Mediumk8s.io/kubernetes: Kubernetes arbitrary file overwriteCVE-2019-1002100Mediumk8s.io/kubernetes: Kubernetes DoS Vulnerability

Stop the waste.
Protect your environment with Kodem.