Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-12A084A1EFCB929E0324B7096E6C8846HistorySep 21, 2021 - 12:00 a.m.
Externally Controlled Reference to a Resource in Another Sphere
2021-09-2100:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
10
0.001 Low
EPSS
Percentile
33.3%
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/k8s.io/kubernetes | le | 1.22.2 |
Related
osv
osv
Confused Deputy in Kubernetes
2021-09-21 18:28:21
CVE-2020-8561
2021-09-20 17:15:08
cve
cve
CVE-2020-8561
2021-09-20 17:15:08
redhatcve
redhatcve
CVE-2020-8561
2021-09-15 23:48:10
prion
prion
Design/Logic Flaw
2021-09-20 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-8561 affecting package kubernetes 1.22.4-3
2022-03-01 01:46:55
nvd
nvd
CVE-2020-8561
2021-09-20 17:15:08
github
github
Confused Deputy in Kubernetes
2021-09-21 18:28:21
ubuntucve
ubuntucve
CVE-2020-8561
2021-09-20 00:00:00
veracode
veracode
Information Disclosure And Malicious Redirect
2021-09-21 07:22:27
debiancve
debiancve
CVE-2020-8561
2021-09-20 17:15:08
cvelist
cvelist
CVE-2020-8561 Webhook redirect in kube-apiserver
2021-09-15 00:00:00
hackerone
hackerone
Kubernetes: SSRF for kube-apiserver cloudprovider scene
2020-07-24 12:41:44