Help Center/ Cloud Container Engine/ Product Bulletin/ Vulnerability Notices

Updated on 2026-05-18 GMT+08:00

Vulnerability Notices

Vulnerability Fixing Policies

Notice of the CVE-2026-42945 NGINX Ingress Controller Vulnerability

Notice of Linux Kernel Privilege Escalation Vulnerabilities (CVE-2026-43284 and CVE-2026-43500)

Notice of Linux Kernel Privilege Escalation Vulnerability (CVE-2026-31431)

Notice of NGINX Ingress Controller Vulnerabilities (CVE-2026-1580, CVE-2026-24512, CVE-2026-24513, and CVE-2026-24514)

Notice of the runC Container Escape Vulnerabilities (CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881)

Notice of Kubernetes Security Vulnerability (CVE-2025-5187)

Notice of Kubernetes Security Vulnerability (CVE-2025-7342)

Notice of the NVIDIA Container Toolkit Container Escape Vulnerabilities (CVE-2025-23266 and CVE-2025-23267)

Notice of the NGINX Ingress Controller Vulnerabilities (CVE-2025-1974, CVE-2025-1097, CVE-2025-1098, CVE-2025-24513, and CVE-2025-24514)

Notice of Kubernetes Security Vulnerability (CVE-2025-0426)

Notice of Kubernetes Security Vulnerability (CVE-2024-10220)

Notice of Kubernetes Security Vulnerabilities (CVE-2024-9486 and CVE-2024-9594)

Notice of Container Escape Vulnerability in NVIDIA Container Toolkit (CVE-2024-0132)

Notice of Linux Remote Code Execution Vulnerability in CUPS (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177)

Notice of the NGINX Ingress Controller Vulnerability That Allows Attackers to Bypass Annotation Validation (CVE-2024-7646)

Notice of Docker Engine Vulnerability That Allows Attackers to Bypass AuthZ (CVE-2024-41110)

Notice of Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)

Notice of OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387)

Notice of runC systemd Attribute Injection Vulnerability (CVE-2024-3154)

Notice of the Impact of runC Vulnerability (CVE-2024-21626)

Notice of Kubernetes Security Vulnerability (CVE-2022-3172)

Notice of Privilege Escalation Vulnerability in Linux Kernel openvswitch Module (CVE-2022-2639)

Notice of nginx-ingress Add-on Security Vulnerability (CVE-2021-25748)

Notice of nginx-ingress Security Vulnerabilities (CVE-2021-25745 and CVE-2021-25746)

Notice of containerd Process Privilege Escalation Vulnerability (CVE-2022-24769)

Notice of CRI-O Container Runtime Engine Arbitrary Code Execution Vulnerability (CVE-2022-0811)

Notice of Container Escape Vulnerability Caused by the Linux Kernel (CVE-2022-0492)

Notice of Non-Security Handling Vulnerability of containerd Image Volumes (CVE-2022-23648)

Notice of Linux Kernel Integer Overflow Vulnerability (CVE-2022-0185)

Notice of Linux Polkit Privilege Escalation Vulnerability (CVE-2021-4034)

Notice of Vulnerability of Kubernetes subPath Symlink Exchange (CVE-2021-25741)

Notice of runC Vulnerability That Allows a Container Filesystem Breakout via Directory Traversal (CVE-2021-30465)

Notice of Docker Resource Management Vulnerability (CVE-2021-21285)

Notice of NVIDIA GPU Driver Vulnerability (CVE-2021-1056)

Notice of the Sudo Buffer Vulnerability (CVE-2021-3156)

Notice of the Kubernetes Security Vulnerability (CVE-2020-8554)

Notice of Apache containerd Security Vulnerability (CVE-2020-15257)

Notice of Docker Engine Input Verification Vulnerability (CVE-2020-13401)

Notice of Kubernetes kube-apiserver Input Verification Vulnerability (CVE-2020-8559)

Notice of Kubernetes kubelet Resource Management Vulnerability (CVE-2020-8557)

Notice of Kubernetes kubelet and kube-proxy Authorization Vulnerability (CVE-2020-8558)

Notice of Fixing the Kubernetes HTTP/2 Vulnerability

Notice of Fixing the Linux Kernel SACK Vulnerabilities

Notice of Fixing the Docker Command Injection Vulnerability (CVE-2019-5736)

Notice of Fixing the Kubernetes Permission and Access Control Vulnerability (CVE-2018-1002105)

Notice of Fixing the Kubernetes Dashboard Security Vulnerability (CVE-2018-18264)

Previous topic: End of Maintenance for Clusters 1.19

Next topic: Vulnerability Fixing Policies

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.