Engel & Völkers Technology GmbH: CVE-2019-11248 on alertmanager.ev-cloud-platform.engelvoelkers.com
Summary: The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. Steps To Reproduce: Navigate to the following...