Kubelet · Kubelet · CVE-2023-2431
**Name of the Vulnerable Software and Affected Versions**
Kubelet (affected versions not specified)
**Description**
A security issue was discovered in Kubelet that allows pods to bypass seccomp profile enforcement. Pods that use the localhost type for their seccomp profile but specify an empty profile field are affected: such a pod runs in unconfined (seccomp disabled) mode. The cause is insufficient input validation, which allows the affected configuration to run in unconfined mode.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
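One way to locate the configuration named in the description is to audit pod specs for a `Localhost` seccomp profile whose `localhostProfile` is empty or absent. The following is an added example, not code from the advisory or from the Kubernetes project; the function names and the sample pod list are constructed for illustration, and the input is assumed to have the shape of `kubectl get pods -A -o json` output.

```python
# Added example: audit pod specs for the configuration described above.
# Field names are the Kubernetes Pod API's securityContext.seccompProfile
# fields; the pod list below is constructed sample data.
CONTAINER_KEYS = ("containers", "initContainers", "ephemeralContainers")


def is_empty_localhost(security_context):
    """True when seccompProfile.type is Localhost and localhostProfile is empty or absent."""
    profile = (security_context or {}).get("seccompProfile") or {}
    return profile.get("type") == "Localhost" and not profile.get("localhostProfile")


def find_empty_localhost_profiles(pod_list):
    """Return (namespace/name, location) for every pod- or container-level match."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        ref = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        if is_empty_localhost(spec.get("securityContext")):
            findings.append((ref, "pod"))
        for key in CONTAINER_KEYS:
            for container in spec.get(key) or []:
                if is_empty_localhost(container.get("securityContext")):
                    findings.append((ref, f"{key}/{container.get('name', '?')}"))
    return findings


# Constructed sample shaped like `kubectl get pods -A -o json` output.
SAMPLE_PODS = {"items": [
    {"metadata": {"namespace": "dev", "name": "empty-pod-level"},
     "spec": {"securityContext": {"seccompProfile": {"type": "Localhost", "localhostProfile": ""}},
              "containers": [{"name": "app"}]}},
    {"metadata": {"namespace": "dev", "name": "missing-in-init"},
     "spec": {"initContainers": [{"name": "setup",
                                  "securityContext": {"seccompProfile": {"type": "Localhost"}}}],
              "containers": [{"name": "app"}]}},
    {"metadata": {"namespace": "prod", "name": "named-profile"},
     "spec": {"containers": [{"name": "app", "securityContext": {
         "seccompProfile": {"type": "Localhost", "localhostProfile": "profiles/audit.json"}}}]}},
    {"metadata": {"namespace": "prod", "name": "runtime-default"},
     "spec": {"securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
              "containers": [{"name": "app"}]}},
]}

if __name__ == "__main__":
    for ref, where in find_empty_localhost_profiles(SAMPLE_PODS):
        print(f"{ref}: Localhost seccomp profile with empty localhostProfile at {where}")
```

Pods reported by this check should be given an explicit profile path or switched to a different profile type.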