Liggitt

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue is related to parsing malicious or large YAML documents, which can lead to excessive consumption of CPU or memory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Openshift Enterprise 3 **Description** A flaw was found in the validation of X.509 client intermediate certificate host name fields in Kubernetes as used by Openshift Enterprise. This could allow an attacker to bypass authentication requirements using a specially crafted X.509 certificate. **Recommendations** For Openshift Enterprise 3, update the Kubernetes component to correctly validate X.509 client intermediate certificate host name fields. As a temporary workaround, consider restricting access to sensitive resources that rely on X.509 certificate authentication until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Kubernetes versions 1.5.0 through 1.5.4 **Description** The issue is related to a plugin for accessing PodSecurityPolicy, a software tool for managing clusters of virtual machines in Kubernetes, and is associated with insufficient access control. Exploitation of this issue may allow a remote attacker to escalate their privileges, granting them the ability to use any existing PodSecurityPolicy object. **Recommendations** For Kubernetes versions 1.5.0 through 1.5.4, update to a version that includes a fix for the privilege escalation issue in the PodSecurityPolicy admission plugin. At the moment, there is no information about a newer version that contains a fix for this vulnerability.