kubectl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the kubectl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Excessive Iteration	<0:1.20.11-4.el7
H CVE-2024-24786	<0:1.25.16-2.el7
H NULL Pointer Dereference	<0:1.25.16-2.el7
H CVE-2023-27487	<0:1.25.7-2.el7
H CVE-2023-27488	<0:1.24.8-2.el7
H HTTP Request Smuggling	<0:1.25.7-2.el7
H Allocation of Resources Without Limits or Throttling	<0:1.25.7-2.el7
H CVE-2023-27496	<0:1.24.8-2.el7
H HTTP Request Smuggling	<0:1.24.8-2.el7
H CVE-2023-39326	<0:1.25.15-2.el7
H Allocation of Resources Without Limits or Throttling	<0:1.25.15-1.el7
H CVE-2023-44487	<0:1.25.15-1.el7
H CVE-2023-2727	<0:1.25.11-1.el7
H CVE-2023-2728	<0:1.24.15-1.el7
H Directory Traversal	<0:1.23.14-1.el7
H CVE-2022-3294	<0:1.23.14-1.el7
H Server-Side Request Forgery (SSRF)	<0:1.23.11-1.el7
H Missing Authentication for Critical Function	<0:1.23.7-1.el7
H Out-of-bounds Read	<0:1.23.7-1.el7
H NULL Pointer Dereference	<0:1.23.7-1.el7
H Use After Free	<0:1.23.7-1.el7
H Resource Exhaustion	<0:1.23.7-1.el7
H Use After Free	<0:1.23.7-1.el7
H ELSA-2020-5654	<0:1.12.10-1.0.11.el7
H ELSA-2019-4718	<0:1.11.3-2.7.2.el7
H ELSA-2019-4720	<0:1.9.11-2.7.1.el7
H ELSA-2019-4719	<0:1.10.5-2.7.4.el7
H ELSA-2019-4611	<0:1.11.3-2.5.2.el7
H ELSA-2019-4609	<0:1.9.11-2.5.1.el7
H ELSA-2019-4610	<0:1.10.5-2.5.4.el7
H Buffer Overflow	<0:1.20.11-4.el7
H Improper Check for Unusual or Exceptional Conditions	<0:1.20.11-4.el7
H Insufficient Comparison	<0:1.20.11-4.el7
H Incorrect Authorization	<0:1.20.11-4.el7
H Files or Directories Accessible to External Parties	<0:1.20.11-4.el7
H Missing Authorization	<0:1.19.8-3.el7
H Reachable Assertion	<0:1.18.18-3.el7
H NULL Pointer Dereference	<0:1.19.8-3.el7
H CVE-2021-34824	<0:1.19.8-3.el7
H Integer Overflow or Wraparound	<0:1.20.6-2.el7
H Use of Incorrectly-Resolved Name or Reference	<0:1.18.18-3.el7
H CVE-2020-8554	<0:1.17.9-1.0.6.el7
H Incorrect Permission Assignment for Critical Resource	<0:1.18.10-3.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.18.18-2.el7
H Link Following	<0:1.14.9-1.0.6.el7
H Origin Validation Error	<0:1.14.9-1.0.6.el7
H Improper Preservation of Permissions	<0:1.17.9-1.0.1.el7
H Resource Exhaustion	<0:1.12.10-1.0.13.el7
H NULL Pointer Dereference	<0:1.17.9-1.0.1.el7
H Use of Hard-coded Credentials	<0:1.14.9-1.0.6.el7
H Link Following	<0:1.17.9-1.0.1.el7
H Open Redirect	<0:1.12.10-1.0.13.el7
H Server-Side Request Forgery (SSRF)	<0:1.17.6-1.0.2.el7
H CVE-2019-11254	<0:1.14.9-1.0.3.el7
H CVE-2020-10749	<0:1.17.6-1.0.2.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.14.9-1.0.9.el7
H Improper Enforcement of Message or Data Structure	<0:1.17.9-1.0.1.el7
H Server-Side Request Forgery (SSRF)	<0:1.17.6-1.0.2.el7
H HTTP Request Smuggling	<0:1.12.10-1.0.10.el7
H Directory Traversal	<0:1.12.10-1.0.10.el7
H Directory Traversal	<0:1.12.10-1.0.10.el7
H Link Following	<0:1.12.10-1.0.10.el7
H Incorrect Authorization	<0:1.12.10-1.0.10.el7
H Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<0:1.12.10-1.0.10.el7
H Incorrect Permission Assignment for Critical Resource	<0:1.12.7-1.2.3.el7
H Always-Incorrect Control Flow Implementation	<0:1.12.7-1.1.2.el7
H Link Following	<0:1.12.7-1.1.2.el7
H Allocation of Resources Without Limits or Throttling	<0:1.9.11-2.2.1.el7
H Resource Exhaustion	<0:1.12.10-1.0.10.el7
H Error Handling	<0:1.9.11-2.1.1.el7
H CVE-2017-1002102	<0:1.9.1-2.1.5.el7
H Link Following	<0:1.9.1-2.1.5.el7

Vulnerability

Vulnerable Version

Excessive Iteration

<0:1.20.11-4.el7