In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Kubernetes
Trident
Openshift Container Platform
NVD
GitHub
CVSS 3.1
5.0
EPSS
0.5%
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. Rated medium severity (CVSS 4.7).
Information Disclosure
Linux Kernel
Debian Linux
Active Iq Unified Manager For Vmware Vsphere
Hci Management Node
+6
NVD
CVSS 3.1
4.7
EPSS
0.3%
Prev
Page 2 of 2