Arbitrary command execution through gitRepo volume Go to Source

Unauthorized read of Custom Resources Go to Source

Node address isn’t always verified when proxying Go to Source

secrets-store-csi-driver discloses service account tokens in logs Go to Source

Bypassing policies imposed by the ImagePolicyWebhook and bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Go to Source

Bypassing policies imposed by the ImagePolicyWebhook and bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Go to Source

Bypass of seccomp profile enforcement Go to Source

Insufficient input sanitization on Windows nodes leads to privilege escalation Go to Source

Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation Go to Source

Insufficient input sanitization on Windows nodes leads to privilege escalation Go to Source