Marosset

**Name of the Vulnerable Software and Affected Versions** Kubernetes (affected versions not specified) **Description** A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy. The issue is related to improper input validation in the Container Storage Interface (CSI) proxy. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kubernetes (affected versions not specified) **Description** A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Windows (versões afetadas não especificadas) **Descrição** A vulnerabilidade permite que cargas de trabalho do Windows sejam executadas como ContainerAdministrator, mesmo quando a opção runAsNonRoot está definida como true. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.