Solved

any document about vulnerabilities without module ID on SCC?

  • October 7, 2024
  • 2 replies
  • 21 views


Hi experts, 

I am trying to understand the items list on the Vulnerabilities page of SCC.

There are a lot of items that have no Module ID on the Vulnerabilities page.
For example,
Category: GKE Security bulletin, Secrets in environment variables, block all ingress.

Are there any documents about these items without Module ID?

Many thanks. 

BR,

Lee


andras11
  • Staff
  • Answer
  • October 7, 2024

Hi Lee,

For the GKE Security Bulletin vulnerabilities we would normally look for vulnerabilities related to Security Bulletins related to GKE. Some more details on these can be found here:

https://cloud.google.com/kubernetes-engine/security-bulletins

If you have any associated Active Findings then it’s worth checking for any actions which could be required per the associated bulletin.

For Secrets in environment variables, this is looking for an affected resource storing credentials or other secret information in its environment variables. This is a security vulnerability because environment variables are stored unencrypted, and accessible to all users who have access to the code. Any associated Findings should list the affected resource in question.

For Block All Ingress, these are items associated with the Policy Controller and the creation of Ingress Objects based on the BlockAllIngress policy template:

https://cloud.google.com/kubernetes-engine/enterprise/policy-controller/docs/latest/reference/constraint-template-library#k8sblockallingress
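
As an added illustration of the "Secrets in environment variables" finding described in the answer above (example code, not part of the original thread and not Security Command Center's own detection logic), this check walks a workload manifest and reports environment variables that carry a secret as a literal value. The name and value patterns and the sample manifest are assumptions made for the example.

```python
import re

# Assumed heuristics for this example; not Security Command Center's detection logic.
SECRET_NAME = re.compile(
    r"(pass(word|wd)?|secret|token|api[_-]?key|credential|private[_-]?key)", re.I)
SECRET_VALUE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")

def find_env_secrets(manifest):
    """Return (container, variable, reason) for literal env values that look like secrets."""
    spec = manifest.get("spec", {})
    # Deployments and similar workloads nest the pod spec under spec.template.spec;
    # a bare Pod keeps its containers directly under spec.
    pod_spec = spec.get("template", {}).get("spec", spec)
    findings = []
    for group in ("initContainers", "containers"):
        for container in pod_spec.get(group, []):
            for env in container.get("env", []):
                name, value = env.get("name", ""), env.get("value")
                if not value:
                    continue  # valueFrom references carry no literal in the manifest
                if SECRET_VALUE.search(value):
                    reason = "value matches a credential pattern"
                elif SECRET_NAME.search(name):
                    reason = "secret-like name with a literal value"
                else:
                    continue
                findings.append((container.get("name", "?"), name, reason))
    return findings

# Constructed sample manifest (not taken from the thread).
SAMPLE = {
    "kind": "Deployment",
    "metadata": {"name": "billing"},
    "spec": {"template": {"spec": {"containers": [{
        "name": "app",
        "env": [
            {"name": "LOG_LEVEL", "value": "info"},
            {"name": "DB_PASSWORD", "value": "constructed-example-value"},
            {"name": "API_TOKEN",
             "valueFrom": {"secretKeyRef": {"name": "api", "key": "token"}}},
            {"name": "SIGNING_MATERIAL",
             "value": "-----BEGIN PRIVATE KEY-----\nconstructed\n"},
        ],
    }]}}},
}

if __name__ == "__main__":
    for container, name, reason in find_env_secrets(SAMPLE):
        print(f"{container}: {name}: {reason}")
```
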


  • Author
  • New Member
  • November 13, 2024

Hi Andras,

Thank you so much.

Br, Lee