Kubernetes Product Security Update Advisory (CVE-2023-5528)

Overview

 

An update has been made available to address a vulnerability in the Kubernetes product. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

Kubelet version 1.8.0 and later (excluding versions 1.28.4, 1.27.8, 1.26.11, and 1.25.16)

 

Resolved Vulnerabilities

 

Privilege escalation vulnerability on Windows nodes due to insufficient input sanitization in an in-tree storage plugin (CVE-2023-5528)

 

Vulnerability Patches

 

Kubelet versions 1.28.4, 1.27.8, 1.26.11, and 1.25.16

 

Referenced Sites

 

[1] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

https://github.com/kubernetes/kubernetes/issues/121879

[2] [Security Advisory] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA?pli=1