Skip to content



2023 has been a busy year for vulnerabilities in Kubernetes and the broad third party Kubernetes ecosystem.

So far we have seen seven third-party vulnerabilities and one Kubernetes vulnerability in the Kubernetes CSI. 

In this round-up, you will find all the information you need about these vulnerabilities and how to appropriately address them. 

  • Crossplane: CVE- 202327483
  • Jenkins and CubeFS CVE-202330513 & CVE-202330512
  • Clusternet: CVE 202330622
  • Bare Metal Operator and Fluid: CVE-202330841 and CVE-202330840
  • Kubernetes CSI Driver: CVE-20232878
  • Rancher: CVE-202322647