Latest coverage for Kubernetes
Kubernetes is an open-source system for managing containers, where misconfigurations and vulnerabilities can expose workloads, secrets, and clusters.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Kubernetes is an open-source platform that automates deploying, scaling, and updating containerized applications across a cluster of machines. It maintains the desired state of workloads, while its control plane assigns work to nodes and manages networking, storage, and service discovery.
Its security depends on several connected layers. The Kubernetes API is a high-value control surface: weak authentication, excessive RBAC permissions, or an exposed dashboard can allow unauthorized changes. Cluster state, including Kubernetes Secrets, is stored in etcd and should be access-controlled and encrypted at rest. Container images and deployment configurations require vulnerability review and trusted-source or admission controls; a privileged container or vulnerable node can increase the risk of escaping workload isolation. Network policies can restrict pod-to-pod communication, while version and node patching, audit logs, and tested access-revocation procedures support detection and response.
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances
Critical default credential bug in Kubernetes Image Builder allows SSH root access
It's called leaving the door wide open - especially in Proxmox A critical bug in Kubernetes Image Builder could allow unauthorized SSH access to virtual machines (VMs) due to default credentials being enabled during the image build process.…
Critical Kubernetes Image Builder flaw gives SSH root access to VMs
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. [...]