Issues: kubernetes/kubernetes

CVE PLACEHOLDER ISSUE
Labels: area/security, committee/security-response, kind/bug, lifecycle/frozen, triage/accepted
#126587 opened Aug 7, 2024 by enj
Remove gitRepo volume type
Labels: area/security, kind/feature, needs-triage, priority/critical-urgent, sig/security, sig/storage
#125983 opened Jul 9, 2024 by vinayakankugoyal
Set up VEX to eliminate false-positives from vulnerability scanning tool results
Labels: area/security, needs-triage, sig/release
#121454 opened Oct 23, 2023 by ritazh
CVE-2020-8561: Webhook redirect in kube-apiserver
Labels: area/security, kind/bug, lifecycle/frozen, sig/api-machinery, triage/accepted
#104720 opened Sep 1, 2021 by micahhausler
Audit ID Chain
Labels: area/audit, area/security, help wanted, kind/feature, lifecycle/frozen, sig/auth, triage/accepted
#101597 opened Apr 29, 2021 by tallclair
CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU
Labels: area/security, committee/security-response, kind/bug, lifecycle/frozen, sig/api-machinery, triage/accepted
#101493 opened Apr 26, 2021 by micahhausler
Security contacts for metrics not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon, sig/instrumentation
#92101 opened Jun 12, 2020 by joelsmith
Security contacts for legacy-cloud-providers not specified or out of date
Labels: area/cloudprovider, area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon, sig/cloud-provider
#92100 opened Jun 12, 2020 by joelsmith
Security contacts for kube-scheduler not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon
#92099 opened Jun 12, 2020 by joelsmith
Security contacts for kubelet not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon
#92097 opened Jun 12, 2020 by joelsmith
Security contacts for kube-controller-manager not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon
#92096 opened Jun 12, 2020 by joelsmith
Security contacts for csi-translation-lib not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon
#92094 opened Jun 12, 2020 by joelsmith
Security contacts for cri-api not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, needs-triage, priority/important-soon, sig/node
#92093 opened Jun 12, 2020 by joelsmith
Security contacts for api not specified or out of date
Labels: area/security, committee/security-response, kind/cleanup, lifecycle/frozen, priority/important-soon
#92086 opened Jun 12, 2020 by joelsmith
API Server supports insecure TLS ciphersuites
Labels: area/security, help wanted, kind/cleanup, priority/awaiting-more-evidence, sig/api-machinery, sig/auth, sig/security, triage/accepted, wg/security-audit
#91444 opened May 26, 2020 by pjbgf
Kubernetes 3rd Party Security Audit Findings
Labels: area/security, kind/bug, lifecycle/frozen, priority/important-longterm, sig/security, wg/security-audit
#81146 opened Aug 8, 2019 by cji
TOB-K8S-010: Hardcoded use of insecure gRPC transport
Labels: area/security, kind/feature, lifecycle/frozen, needs-triage, priority/important-longterm, sig/auth, sig/node, sig/storage, wg/security-audit
#81142 opened Aug 8, 2019 by cji
TOB-K8S-017: Use standard formats everywhere
Labels: area/security, kind/bug, lifecycle/frozen, priority/awaiting-more-evidence, sig/auth, wg/security-audit
#81140 opened Aug 8, 2019 by cji
TOB-K8S-033: Services use questionable default functions
Labels: area/security, kind/bug, lifecycle/frozen, needs-triage, priority/important-longterm, sig/node, wg/security-audit
#81138 opened Aug 8, 2019 by cji
TOB-K8S-016: Unsafe JSON construction
Labels: area/security, help wanted, kind/bug, lifecycle/frozen, priority/important-soon, sig/api-machinery, sig/apps, triage/accepted, wg/security-audit
#81134 opened Aug 8, 2019 by cji
TOB-K8S-008: Arbitrary file paths without bounding
Labels: area/security, help wanted, kind/bug, lifecycle/frozen, needs-triage, priority/important-longterm, sig/node, wg/security-audit
#81133 opened Aug 8, 2019 by cji
TOB-K8S-007: Log rotation is not atomic
Labels: area/security, help wanted, kind/bug, lifecycle/frozen, needs-triage, sig/node, wg/security-audit
#81132 opened Aug 8, 2019 by cji
TOB-K8S-024: kubelet liveness probes can be used to enumerate host network
Labels: area/security, kind/bug, lifecycle/frozen, needs-triage, priority/important-longterm, sig/node, wg/security-audit
#81129 opened Aug 8, 2019 by cji
TOB-K8S-029: Encryption recommendations not in accordance with best practices
Labels: area/security, kind/bug, kind/documentation, lifecycle/frozen, sig/auth, sig/docs, sig/security, sig/storage, wg/security-audit
#81127 opened Aug 8, 2019 by cji
TOB-K8S-021: Improper fetching of PIDs allows incorrect cgroup movement
Labels: area/security, kind/bug, lifecycle/frozen, needs-triage, priority/important-longterm, sig/node, wg/security-audit
#81124 opened Aug 8, 2019 by cji