GCVE - cpe:2.3:a:kubernetes:kube-apiserver:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kubernetes:kube-apiserver:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kubernetes (`3ee05930-9e42-51b2-ad52-30832f573b15`)
Product	Kube Apiserver (`94b7cce9-a9a4-5bc8-98d5-9a463cf01b65`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/kubernetes/apiserver`	purl2cpe	2026-06-01 10:13:27.988528
`pkg:golang/github.com/kubernetes/apiserver`	purl2cpe	2026-06-01 10:13:27.988531

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-7598`	vulnerable	2026-06-03 14:58:06.503521	Network restriction bypass via race condition during namespace termination LOW (3.1) A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced. Published: 2025-03-20T16:52:57.929Z Updated: 2025-03-20T21:02:37.374Z Open on db.gcve.eu Reference links https://github.com/kubernetes/kubernetes/issues/126587 https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3172`	vulnerable	2026-06-03 14:47:52.387361	Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF) MEDIUM (5.1) A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. Published: 2023-11-03T18:11:53.835Z Updated: 2025-02-13T16:32:41.378Z Open on db.gcve.eu Reference links https://github.com/kubernetes/kubernetes/issues/112513 https://groups.google.com/g/kubernetes-security-announce/c/_aLzYMpPRak https://security.netapp.com/advisory/ntap-20231221-0005/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.