Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
References
| Link | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2023/07/06/2 | Mailing List Third Party Advisory |
| https://github.com/kubernetes/kubernetes/issues/118640 | Issue Tracking |
| https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8 | Mailing List |
| https://security.netapp.com/advisory/ntap-20230803-0004/ |
Configurations
Configuration 1 (hide)
|
History
03 Aug 2023, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
12 Jul 2023, 19:12
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| First Time |
Kubernetes
Kubernetes kubernetes |
|
| CWE | NVD-CWE-noinfo | |
| References | (MISC) https://github.com/kubernetes/kubernetes/issues/118640 - Issue Tracking | |
| References | (MISC) https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8 - Mailing List | |
| References | (MISC) http://www.openwall.com/lists/oss-security/2023/07/06/2 - Mailing List, Third Party Advisory | |
| CPE | cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* |
07 Jul 2023, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
03 Jul 2023, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-03 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-2727
Mitre link : CVE-2023-2727
CVE.ORG link : CVE-2023-2727
JSON object : View
Products Affected
kubernetes
- kubernetes
CWE