Lucene search
K

15 matches found

OpenVAS
OpenVAS
added 2025/02/18 12:0 a.m.15 views

openSUSE Security Advisory (openSUSE-SU-2025:0003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.93305EPSS
Exploits4References11
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.52 views

YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML (CVE-2019-11254)

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...

6.5CVSS7.9AI score0.0236EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.38 views

Oracle Linux 7 : olcne / kubernetes (ELSA-2020-5653)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5653 advisory. - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads - Golang CVE-2019-16276 - Golang CVE-2019-16276 Tenable has extract...

7.5CVSS6.9AI score0.05157EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 7:10 a.m.35 views

Security Bulletin: Open Source Secuity issues fixed for NPS softlayer provisioner.

Summary Fixed OSS issus for listed CVEs. Vulnerability Details CVEID: CVE-2020-7919 DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic. CVSS Base score: 7.5 CVSS Temporal Score:...

8.2CVSS0.8AI score0.61139EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/18 10:10 p.m.34 views

Security Bulletin: IBM Cloud Private is vulnerable to a Kubernetes vulnerability (CVE-2019-11254)

Summary IBM Cloud Private is vulnerable to a Kubernetes vulnerability Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated...

6.5CVSS0.5AI score0.0236EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/21 7:34 p.m.29 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2019-11254)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that could lead to a denial of service vulnerability from malicious YAML payloads CVE-2019-11254 Vulnerability Details CVEID: CVE-2019-11254 Description: Kubernetes is vulnerable to a denia...

6.5CVSS0.2AI score0.0236EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/13 5:22 p.m.132 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.5 container image security update

An update is now available for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7.5AI score0.99019EPSS
Exploits26References8
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/11 6:45 p.m.34 views

Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes (CVE-2019-11254)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated...

6.5CVSS1.3AI score0.0236EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/30 3:31 p.m.34 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes API server security vulnerabilities (CVE-2019-11254, CVE-2020-8552)

Summary IBM Cloud Kubernetes Service is affected by security vulnerabilities in the Kubernetes API server that exposes it to denial of service attacks CVE-2019-11254 and CVE-2020-8552 Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused ...

6.5CVSS0.1AI score0.02428EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2020/04/17 12:0 a.m.61 views

olcne kubernetes security update

olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...

7.5CVSS2.5AI score0.05157EPSS
Exploits0
Chainguard
Chainguard
added 2020/04/01 9:15 p.m.28 views

CVE-2019-11254 vulnerabilities

Vulnerabilities for packages: dex-k8s-authenticator, k3d...

6.5CVSS6.8AI score0.0236EPSS
Exploits0
Wolfi
Wolfi
added 2020/04/01 9:15 p.m.32 views

CVE-2019-11254 vulnerabilities

Vulnerabilities for packages: k3d...

6.5CVSS7.5AI score0.0236EPSS
Exploits0
OSV
OSV
added 2020/04/01 9:15 p.m.6 views

AZL-41568 CVE-2019-11254 affecting package packer 1.9.5-13

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...

6.5CVSS6.9AI score0.0236EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/04/01 9:15 p.m.52 views

CVE-2019-11254

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...

6.5CVSS6.8AI score0.0236EPSS
Exploits0References3
CVE
CVE
added 2020/04/01 8:30 p.m.401 views

CVE-2019-11254

CVE-2019-11254 affects the Kubernetes API Server. An authorized user can send malicious YAML to cause the kube-apiserver to consume excessive CPU during YAML parsing. Affected: Kubernetes API Server versions 1.1–1.14 and pre-1.15.10, pre-1.16.7, and pre-1.17.3. Impact: potential resource exhausti...

6.5CVSS6.5AI score0.0236EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder