{"id":"CVE-2023-3676","details":"A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.","aliases":["GHSA-7fxm-f474-hf8w","GO-2023-2330"],"modified":"2026-04-10T05:00:21.788689Z","published":"2023-10-31T21:15:08.550Z","related":["CGA-33r6-gv35-447j","openSUSE-SU-2024:14599-1"],"references":[{"type":"ADVISORY","url":"https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20231130-0007/"},{"type":"FIX","url":"https://github.com/kubernetes/kubernetes/issues/119339"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"0"},{"fixed":"22a9682c8fe855c321be75c5faacde343f909b04"},{"introduced":"a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2"},{"fixed":"5244794d27b4cc68290bc496b00e248857ac8b47"},{"introduced":"b46a3f887ca979b1a5d14fd39cb1af43e7e5d12d"},{"fixed":"395f0a2fdc940aeb9ab88849e8fa4321decbf6e1"},{"introduced":"1b4df30b3cdfeaba6024e81e559a6cd09a089d65"},{"fixed":"93e0d7146fb9c3e9f68aa41b2b4265b2fcdb0a4c"},{"introduced":"855e7c48de7388eb330da0f8d9d2394ee818fb8d"},{"fixed":"8dc49c4b984b897d423aab4971090e1879eb4f23"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.24.17"},{"introduced":"1.25.0"},{"fixed":"1.25.13"},{"introduced":"1.26.0"},{"fixed":"1.26.8"},{"introduced":"1.27.0"},{"fixed":"1.27.5"},{"introduced":"1.28.0"},{"fixed":"1.28.1"}]}}],"versions":["v0.13.1-dev","v0.17.0","v1.1.0-alpha.0","v1.1.0-alpha.1","v1.10.0-alpha.0","v1.10.0-alpha.1","v1.10.0-alpha.2","v1.10.0-alpha.3","v1.11.0-alpha.0","v1.11.0-alpha.1","v1.11.0-alpha.2","v1.12.0-alpha.0","v1.12.0-alpha.1","v1.13.0-alpha.0","v1.13.0-alpha.1","v1.13.0-alpha.2","v1.13.0-alpha.3","v1.14.0-alpha.0","v1.14.0-alpha.1","v1.14.0-alpha.2","v1.14.0-alpha.3","v1.15.0-alpha.0","v1.15.0-alpha.1","v1.15.0-alpha.2","v1.15.0-alpha.3","v1.16.0-alpha.0","v1.16.0-alpha.1","v1.16.0-alpha.2","v1.16.0-alpha.3","v1.17.0-alpha.0","v1.17.0-alpha.1","v1.17.0-alpha.2","v1.17.0-alpha.3","v1.18.0-alpha.0","v1.18.0-alpha.1","v1.18.0-alpha.2","v1.18.0-alpha.4","v1.18.0-alpha.5","v1.19.0-alpha.0","v1.19.0-alpha.1","v1.19.0-alpha.2","v1.19.0-alpha.3","v1.19.0-beta.0","v1.19.0-beta.1","v1.19.0-beta.2","v1.2.0-alpha.1","v1.2.0-alpha.2","v1.2.0-alpha.3","v1.2.0-alpha.4","v1.2.0-alpha.5","v1.2.0-alpha.6","v1.2.0-alpha.7","v1.2.0-alpha.8","v1.20.0-alpha.0","v1.20.0-alpha.1","v1.20.0-alpha.2","v1.20.0-alpha.3","v1.20.0-beta.0","v1.20.0-beta.1","v1.20.0-beta.2","v1.21.0-alpha.0","v1.21.0-alpha.1","v1.21.0-alpha.2","v1.21.0-alpha.3","v1.21.0-beta.0","v1.21.0-beta.1","v1.22.0-alpha.0","v1.22.0-alpha.1","v1.22.0-alpha.2","v1.22.0-alpha.3","v1.22.0-beta.0","v1.22.0-beta.1","v1.22.0-beta.2","v1.23.0-alpha.0","v1.23.0-alpha.1","v1.23.0-alpha.2","v1.23.0-alpha.3","v1.23.0-alpha.4","v1.24.0","v1.24.0-alpha.0","v1.24.0-alpha.1","v1.24.0-alpha.2","v1.24.0-alpha.3","v1.24.0-alpha.4","v1.24.0-beta.0","v1.24.0-rc.0","v1.24.0-rc.1","v1.24.1","v1.24.1-rc.0","v1.24.10","v1.24.10-rc.0","v1.24.11","v1.24.11-rc.0","v1.24.12","v1.24.12-rc.0","v1.24.13","v1.24.14","v1.24.15","v1.24.16","v1.24.2","v1.24.2-rc.0","v1.24.3","v1.24.3-rc.0","v1.24.4","v1.24.4-rc.0","v1.24.5","v1.24.5-rc.0","v1.24.6","v1.24.6-rc.0","v1.24.7","v1.24.7-rc.0","v1.24.8","v1.24.8-rc.0","v1.24.9","v1.24.9-rc.0","v1.25.0","v1.25.0-alpha.0","v1.25.1","v1.25.1-rc.0","v1.25.10","v1.25.11","v1.25.12","v1.25.2","v1.25.2-rc.0","v1.25.3","v1.25.3-rc.0","v1.25.4","v1.25.4-rc.0","v1.25.5","v1.25.5-rc.0","v1.25.6","v1.25.6-rc.0","v1.25.7","v1.25.7-rc.0","v1.25.8","v1.25.8-rc.0","v1.25.9","v1.26.0","v1.26.1","v1.26.1-rc.0","v1.26.2","v1.26.2-rc.0","v1.26.3","v1.26.3-rc.0","v1.26.4","v1.26.5","v1.26.6","v1.26.7","v1.27.0","v1.27.1","v1.27.2","v1.27.3","v1.27.4","v1.28.0","v1.3.0-alpha.0","v1.3.0-alpha.1","v1.3.0-alpha.2","v1.3.0-alpha.3","v1.3.0-alpha.4","v1.3.0-alpha.5","v1.4.0-alpha.1","v1.4.0-alpha.2","v1.4.0-alpha.3","v1.5.0-alpha.0","v1.5.0-alpha.1","v1.5.0-alpha.2","v1.6.0-alpha.0","v1.6.0-alpha.1","v1.6.0-alpha.2","v1.6.0-alpha.3","v1.7.0-alpha.0","v1.7.0-alpha.1","v1.7.0-alpha.2","v1.7.0-alpha.3","v1.7.0-alpha.4","v1.8.0-alpha.0","v1.8.0-alpha.1","v1.8.0-alpha.2","v1.8.0-alpha.3","v1.9.0-alpha.0","v1.9.0-alpha.1","v1.9.0-alpha.2","v1.9.0-alpha.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3676.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}