2023 Kubernetes Vulnerabilities and CVEs to Address

Synopsis

2023 has been a busy year for vulnerabilities in Kubernetes and the broad third party Kubernetes ecosystem.

So far we have seen seven third-party vulnerabilities and one Kubernetes vulnerability in the Kubernetes CSI. 

In this round-up, you will find all the information you need about these vulnerabilities and how to appropriately address them. 

• Crossplane: CVE- 202327483
• Jenkins and CubeFS CVE-202330513 & CVE-202330512
• Clusternet: CVE 202330622
• Bare Metal Operator and Fluid: CVE-202330841 and CVE-202330840
• Kubernetes CSI Driver: CVE-20232878
• Rancher: CVE-202322647