CVE-2015-7561 – k8s.io/kubernetes

Package

Manager: go
Name: k8s.io/kubernetes
Vulnerable Version: >=0 <1.2.0-alpha.6

Severity

Level: Low

CVSS v3.1: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

EPSS: 0.00139 pctl0.34558

Details

Kubernetes in OpenShift3 Access Control Misconfiguration Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.

Metadata

Created: 2022-05-13T01:09:54Z
Modified: 2023-12-07T21:16:21Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2h9c-34v6-3qmr/GHSA-2h9c-34v6-3qmr.json
CWE IDs: []
Alternative ID: GHSA-2h9c-34v6-3qmr
Finding: F039
Auto approve: 1