CVE-2023-2727

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-2727

Severity

6.5

Medium

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-2727
https://github.com/advisories/GHSA-qc2g-gmh6-95p4
https://pkg.go.dev/vuln/GO-2023-1891
http://www.openwall.com/lists/oss-security/2023/07/06/2
https://security.netapp.com/advisory/ntap-20230803-0004/
https://github.com/kubernetes/kubernetes/issues/118640
https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2023-2727

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company