Vulnerability Notices

Vulnerability Fixing Policies
Notice of Container Escape Vulnerability in NVIDIA Container Toolkit (CVE-2024-0132)
Notice of Linux Remote Code Execution Vulnerability in CUPS (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177)
Notice of the NGINX Ingress Controller Vulnerability That Allows Attackers to Bypass Annotation Validation (CVE-2024-7646)
Notice of Docker Engine Vulnerability That Allows Attackers to Bypass AuthZ (CVE-2024-41110)
Notice of Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)
Notice of OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387)
Notice of runC systemd Attribute Injection Vulnerability (CVE-2024-3154)
Notice of the Impact of runC Vulnerability (CVE-2024-21626)
Notice on the Kubernetes Security Vulnerability (CVE-2022-3172)
Privilege Escalation Vulnerability in Linux Kernel openvswitch Module (CVE-2022-2639)
Notice on nginx-ingress Add-On Security Vulnerability (CVE-2021-25748)
Notice on nginx-ingress Security Vulnerabilities (CVE-2021-25745 and CVE-2021-25746)
Notice on the containerd Process Privilege Escalation Vulnerability (CVE-2022-24769)
Notice on CRI-O Container Runtime Engine Arbitrary Code Execution Vulnerability (CVE-2022-0811)
Notice on the Container Escape Vulnerability Caused by the Linux Kernel (CVE-2022-0492)
Notice on the Non-Security Handling Vulnerability of containerd Image Volumes (CVE-2022-23648)
Linux Kernel Integer Overflow Vulnerability (CVE-2022-0185)
Linux Polkit Privilege Escalation Vulnerability (CVE-2021-4034)
Notice on the Vulnerability of Kubernetes subPath Symlink Exchange (CVE-2021-25741)
Notice of runC Vulnerability That Allows a Container Filesystem Breakout via Directory Traversal (CVE-2021-30465)
Notice on the Docker Resource Management Vulnerability (CVE-2021-21285)
Notice of NVIDIA GPU Driver Vulnerability (CVE-2021-1056)
Notice on the Sudo Buffer Vulnerability (CVE-2021-3156)
Notice on the Kubernetes Security Vulnerability (CVE-2020-8554)
Notice of Apache containerd Security Vulnerability (CVE-2020-15257)
Notice on the Docker Engine Input Verification Vulnerability (CVE-2020-13401)
Notice of Kubernetes kube-apiserver Input Verification Vulnerability (CVE-2020-8559)
Notice on the Kubernetes kubelet Resource Management Vulnerability (CVE-2020-8557)
Notice on the Kubernetes kubelet and kube-proxy Authorization Vulnerability (CVE-2020-8558)
Notice on Fixing Kubernetes HTTP/2 Vulnerability
Notice on Fixing Linux Kernel SACK Vulnerabilities
Notice on Fixing the Docker Command Injection Vulnerability (CVE-2019-5736)
Notice on Fixing the Kubernetes Permission and Access Control Vulnerability (CVE-2018-1002105)
Notice of Fixing the Kubernetes Dashboard Security Vulnerability (CVE-2018-18264)

Previous topic: End of Maintenance for Clusters 1.19

Next topic: Vulnerability Fixing Policies

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel