Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2727

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

Published

2023-07-03T21:15:09.480

Last Modified

2025-02-13T17:16:22.307

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	kubernetes	kubernetes	≤ 1.24.14	Yes
Application	kubernetes	kubernetes	≤ 1.25.10	Yes
Application	kubernetes	kubernetes	≤ 1.26.5	Yes
Application	kubernetes	kubernetes	≤ 1.27.2	Yes

References

http://www.openwall.com/lists/oss-security/2023/07/06/2 Mailing List, Third Party Advisory ([email protected])
https://github.com/kubernetes/kubernetes/issues/118640 Issue Tracking ([email protected])
https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8 Mailing List ([email protected])
https://security.netapp.com/advisory/ntap-20230803-0004/ ([email protected])
http://www.openwall.com/lists/oss-security/2023/07/06/2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/kubernetes/kubernetes/issues/118640 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)
https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230803-0004/ (af854a3a-2127-422b-91ae-364da2661108)