CVE-2017-1000056

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-1000056

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000056.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000056

Aliases

Downstream

DEBIAN-CVE-2017-1000056

Published

2017-07-17T13:18:17.750Z

Modified

2026-03-10T14:16:46.780742Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

References

https://github.com/kubernetes/kubernetes/issues/43459

Affected packages

Git / github.com/kubernetes/kubernetes

Affected ranges

Type

GIT

Repo

https://github.com/kubernetes/kubernetes

Events

Introduced

Last affected

58b7c16a52c03e4a849874602be42ee71afdcab1

Introduced

Last affected

82450d03cb057bab0950214ef122b67c83fb11df

Introduced

Last affected

08e099554f3c31f6e6f07b448ab3ed78d0520507

Introduced

Last affected

029c3a408176b55c30846f0faedf56aae5992e9b

Introduced

Last affected

7243c69eb523aa4377bce883e7c0dd76b84709a1

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.4"
        }
    ]
}

Affected versions

v0.*

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.13.1-dev

v0.14.0

v0.14.1

v0.15.0

v0.16.0

v0.16.1

v0.16.2

v0.17.0

v0.17.1

v0.18.0

v0.18.1

v0.18.2

v0.19.0

v0.19.1

v0.19.2

v0.19.3

v0.2

v0.20.0

v0.20.1

v0.20.2

v0.21.0

v0.21.1

v0.21.2

v0.3

v0.4

v0.5

v0.6.0

v0.7.0

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.1.0-alpha.0

v1.1.0-alpha.1

v1.2.0-alpha.1

v1.2.0-alpha.2

v1.2.0-alpha.3

v1.2.0-alpha.4

v1.2.0-alpha.5

v1.2.0-alpha.6

v1.2.0-alpha.7

v1.2.0-alpha.8

v1.3.0-alpha.0

v1.3.0-alpha.1

v1.3.0-alpha.2

v1.3.0-alpha.3

v1.3.0-alpha.4

v1.3.0-alpha.5

v1.4.0-alpha.0

v1.4.0-alpha.1

v1.4.0-alpha.2

v1.4.0-alpha.3

v1.5.0

v1.5.0-alpha.0

v1.5.0-alpha.1

v1.5.0-alpha.2

v1.5.0-beta.0

v1.5.0-beta.1

v1.5.0-beta.2

v1.5.0-beta.3

v1.6.0-alpha.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000056.json"