k8s 漏洞列表
共找到 33 个与 k8s 相关的漏洞
- POC 2025-08-01CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution
- POC 2025-08-01k8s-cpu-limits-not-set: CPU limits not set in Deployments
- POC 2025-08-01k8s-cpu-requests-not-set: CPU Requests not set in Deployments
- POC 2025-08-01k8s-default-namespace-used: Default Namespace Usage in Deployments
- POC 2025-08-01k8s-host-ports-check: Host ports should not be used
- POC 2025-08-01k8s-image-pull-policy-always: Image Pull Policy set to Always
- POC 2025-08-01k8s-image-tag-not-fixed: Image Tag should be fixed - not latest or blank
- POC 2025-08-01k8s-liveness-probe-not-configured: Liveness Probe Not Configured in Deployments
- POC 2025-08-01k8s-memory-limits-not-set: Memory limits not set in Deployments
- POC 2025-08-01k8s-memory-requests-not-set: Memory requests not set in Deployments
- POC 2025-08-01k8s-root-container-admission: Minimize the admission of root containers
- POC 2025-08-01k8s-seccomp-profile-set: Set appropriate seccomp profile
- POC 2025-08-01k8s-missing-network-policies: Check for Missing Network Policies in Kubernetes
- POC 2025-08-01k8s-netpol-egress-rules: Network policies define egress rules
- POC 2025-08-01k8s-netpol-namespace: Network Policies specify namespace
- POC 2025-08-01k8s-network-ingress-rules: Define network ingress rules
- POC 2025-08-01k8s-allow-privilege-escalation-set: Containers run with allowPrivilegeEscalation enabled
- POC 2025-08-01k8s-containers-share-host-ipc: Containers sharing host IPC namespace
- POC 2025-08-01k8s-host-network-namespace-shared: Host Network Namespace Sharing
- POC 2025-08-01k8s-host-pid-namespace-sharing: Host PID Namespace Sharing
- POC 2025-08-01k8s-readonly-fs: Enforce Read-Only Filesystem for Containers
- POC 2025-08-01k8s-readonly-rootfs: Pods with read-only root filesystem
- POC 2025-08-01k8s-root-user-id: Pods run with root user ID
- POC 2025-08-01k8s-role-pod-create: Roles that have pod create permissions
- POC 2025-08-01k8s-apiserver-token-auth-file: Detect kube-apiserver --token-auth-file usage
- POC 2025-08-01k8s-enc-prov-conf: Ensure that encryption providers are configured
- POC 2025-08-01k8s-etcd-cafile-set: Ensure etcd-cafile argument set
- POC 2025-08-01k8s-etcd-files-set: Ensure etcd cert and key set
- POC 2025-08-01k8s-svc-acct-issuer-set: Checks if service-account-issuer is correctly configured
- POC 2025-08-01k8s-svc-acct-key: Ensure service-account-key-file set
- POC 2025-08-01k8s-svc-acct-lookup-set: Ensure service-account-lookup set
- POC 2025-08-01k8s-tls-config-set: Ensure TLS config appropriately set
- POC 2025-08-01k8s-apiserver-anonymous-access: Ensure kube-apiserver --anonymous-auth is explicitly disabled