ARMO named Gartner Cool Vendor 2023.

Learn more

K8s Vulnerabilities

  • Oct 27, 2023

Three new NGINX ingress controller vulnerabilities reported and how they affect Kubernetes

CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by attacker to steal secret credentials from the...

Ben Hirschberg

CTO & Co-founder

 cve-2023-3676
  • Aug 23, 2023

Kubelet vulnerabilities on Windows nodes: CVE-2023-3676, CVE-2023-3955 and CVE-2023-3893

Kubernetes security: three new interrelated vulnerabilities affecting the Windows versions of Kubelet and the Kubernetes...

Ben Hirschberg

CTO & Co-founder

 CVE-2022-47633
  • Dec 21, 2022

CVE-2022-47633: Kyverno’s container image signature verification can be bypassed by a malicious registry or proxy

Security researchers at ARMO have found a high-severity vulnerability in the Kyverno admission controller container...

Ben Hirschberg

CTO & Co-founder
  • Nov 23, 2022

2022 Kubernetes Vulnerabilities – Main Takeaways 

All the main K8s vulnerabilities from 2022 consolidated into one article. Read all about it...

Ben Hirschberg

CTO & Co-founder
  • Nov 11, 2022

CVE-2022-39328: Unauthorized access to arbitrary endpoints in Grafana codebase

Grafana Labs published a security advisory for a new critical vulnerability in its open-source product....

Ben Hirschberg

CTO & Co-founder

 Upcoming Critical OpenSSL Vulnerability
  • Oct 28, 2022

Upcoming Critical OpenSSL Vulnerability

This blog covers a developing story and it will be updated as new information and...

Ben Hirschberg

CTO & Co-founder
  • Sep 19, 2022

CVE-2022-3172 – kube-apiserver can allow an aggregated API server to redirect client traffic to any URL 

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API...

Ben Hirschberg

CTO & Co-founder
  • Mar 29, 2022

CVE-2022-23648 – Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Recently discovered vulnerability – CVE-2022-23648 –  in containerd, a popular container runtime, allows especially containers...

Ben Hirschberg

CTO & Co-founder
  • Mar 8, 2022

CVE-2022-0492 – Privilege Escalation and Container Escape Vulnerability and its impact on Kubernetes

On March 4th, a new privilege escalation vulnerability (CVE-2022-0492) in the Linux kernel was published....

Ben Hirschberg

CTO & Co-founder
  • Feb 6, 2022

CVE 2022-24348 – Argo CD High Severity Vulnerability and its impact on Kubernetes

Researcher Moshe Zioni from Apiiro, discovered a major software supply chain critical vulnerability – CVE-2022-24348...

Amir Kaushansky

VP Product
  • Jan 23, 2022

CVE-2022-0185 – What does the newest kernel exploit mean for Kubernetes users and how to detect it?

TL;DR Linux maintainers disclosed a broadly available Linux kernel vulnerability – CVE-2022-0185 – that enables...

Ben Hirschberg

CTO & Co-founder
  • Dec 12, 2021

CVE-2021-44228 – Log4Shell – Vulnerability and its impact on Kubernetes

On Dec 9th, a critical zero-day vulnerability – CVE-2021-44228 – was announced concerning the Java...

Ben Hirschberg

CTO & Co-founder