Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS04Z3dqLW02dmgtMmc2as4AA2Zu

High EPSS: 0.00095% (0.27491 Percentile) EPSS:
Permalink JSON

kOps privilege escalation vulnerability

Affected Packages Affected Versions Fixed Versions
go:k8s.io/kops
PURL: pkg:go/k8s.io%2Fkops
>= 1.26.0, < 1.26.2, < 1.25.4 1.26.2, 1.25.4
38 Dependent packages
124 Dependent repositories

Affected Version Ranges

All affected versions

v1.4.0, v1.4.0-alpha.1, v1.4.1, v1.4.2, v1.4.3, v1.4.4, v1.10.0, v1.11.0, v1.15.1, v1.15.2, v1.15.3, v1.16.0, v1.16.0-beta.1, v1.16.0-beta.2, v1.16.1, v1.16.2, v1.16.3, v1.16.4, v1.17.0, v1.17.0-alpha.2, v1.17.0-alpha.3, v1.17.0-alpha.4, v1.17.0-beta.1, v1.17.0-beta.2, v1.17.1, v1.17.2, v1.18.0, v1.18.0-alpha.1, v1.18.0-alpha.2, v1.18.0-alpha.3, v1.18.0-beta.1, v1.18.0-beta.2, v1.18.1, v1.18.2, v1.18.3, v1.19.0, v1.19.0-alpha.1, v1.19.0-alpha.2, v1.19.0-alpha.3, v1.19.0-alpha.4, v1.19.0-alpha.5, v1.19.0-beta.1, v1.19.0-beta.2, v1.19.0-beta.3, v1.19.1, v1.19.2, v1.19.3, v1.20.0, v1.20.0-alpha.1, v1.20.0-alpha.2, v1.20.0-beta.1, v1.20.0-beta.2, v1.20.1, v1.20.2, v1.20.3, v1.21.0, v1.21.0-alpha.1, v1.21.0-alpha.2, v1.21.0-alpha.3, v1.21.0-beta.1, v1.21.0-beta.2, v1.21.0-beta.3, v1.21.1, v1.21.2, v1.21.3, v1.21.4, v1.21.5, v1.22.0, v1.22.0-alpha.1, v1.22.0-alpha.2, v1.22.0-beta.1, v1.22.0-beta.2, v1.22.1, v1.22.2, v1.22.3, v1.22.4, v1.22.5, v1.22.6, v1.23.0, v1.23.0-alpha.1, v1.23.0-alpha.2, v1.23.0-beta.1, v1.23.0-beta.2, v1.23.1, v1.23.2, v1.23.3, v1.23.4, v1.24.0, v1.24.0-alpha.1, v1.24.0-alpha.2, v1.24.0-alpha.3, v1.24.0-alpha.4, v1.24.0-alpha.5, v1.24.0-beta.1, v1.24.0-beta.2, v1.24.0-beta.3, v1.24.1, v1.24.2, v1.24.3, v1.24.4, v1.24.5, v1.25.0, v1.25.0-alpha.1, v1.25.0-alpha.2, v1.25.0-beta.1, v1.25.1, v1.25.2, v1.25.3, v1.26.0, v1.26.0-alpha.1, v1.26.0-alpha.2, v1.26.0-beta.1, v1.26.0-beta.2, v1.26.1

All unaffected versions

v1.25.4, v1.26.2, v1.26.3, v1.26.4, v1.26.5, v1.26.6, v1.27.0, v1.27.1, v1.27.2, v1.27.3, v1.28.0, v1.28.1, v1.28.2, v1.28.3, v1.28.4, v1.28.5, v1.28.6, v1.28.7, v1.29.0, v1.29.1, v1.29.2, v1.30.0, v1.30.1, v1.30.2, v1.30.3, v1.30.4, v1.31.0, v1.32.0, v1.32.1, v1.32.2, v1.33.0, v1.33.1, v1.34.0

Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode.

References:

Identifiers

GHSA-8gwj-m6vh-2g6j

CVE-2023-1943

Risk

Severity

High

EPSS

EPSS Percentage: 0.00095

EPSS Percentile: 0.27491

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/kubernetes/kops

Date and time

Published

about 2 years ago

Updated

almost 2 years ago

API

JSON