Skip to main content

Minikube

3 CVEs product

Monthly

CVE-2023-1944 HIGH This Week

This vulnerability enables ssh access to minikube container using a default password. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Minikube
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-1174 CRITICAL Act Now

This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Docker Minikube
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2018-1002103 Go HIGH This Week

In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF RCE Kubernetes Minikube
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
EPSS 0% CVSS 7.8
HIGH This Week

This vulnerability enables ssh access to minikube container using a default password. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Minikube
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Docker +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF RCE Kubernetes +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy