Vulnerabilities for Kubernetes engine (...) - CXSECURITY.COM

Vulnerabilities for 'Kubernetes engine'

2019-07-31

CVE-2019-10365

CWE-200

Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission.

2019-02-11

CVE-2019-5736

CWE-216

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

>>> Vendor: Google 95 Products

Mini search appliance

Search appliance

Custom search engine

Google sketchup

App engine python sdk

Cr-48 chromebook

Android sdk tools

Google authenticator

Search appliance software

Android debug bridge

Android sdk platform tools

Android browser

Calendar events

Play services sdk

Google i/o 2017

News and weather

Chromecast firmware

Kubernetes engine

Nexus 7 firmware

Nexus 9 firmware

Cloud messaging notification

Nest cam iq indoor firmware

Closure library

Chrome-launcher

Secret manager provider for secret store csi driver

Exposure notifications verification server

Cloud iot device sdk for embedded c

Exposure notification verification server

Google-protobuf

Protobuf-kotlin

Oauth client library for java

Copyright 2024, cxsecurity.com