15 matches found
openSUSE Security Advisory (openSUSE-SU-2025:0003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML (CVE-2019-11254)
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...
Oracle Linux 7 : olcne / kubernetes (ELSA-2020-5653)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5653 advisory. - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads - Golang CVE-2019-16276 - Golang CVE-2019-16276 Tenable has extract...
Security Bulletin: Open Source Secuity issues fixed for NPS softlayer provisioner.
Summary Fixed OSS issus for listed CVEs. Vulnerability Details CVEID: CVE-2020-7919 DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic. CVSS Base score: 7.5 CVSS Temporal Score:...
Security Bulletin: IBM Cloud Private is vulnerable to a Kubernetes vulnerability (CVE-2019-11254)
Summary IBM Cloud Private is vulnerable to a Kubernetes vulnerability Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2019-11254)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that could lead to a denial of service vulnerability from malicious YAML payloads CVE-2019-11254 Vulnerability Details CVEID: CVE-2019-11254 Description: Kubernetes is vulnerable to a denia...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.5 container image security update
An update is now available for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes (CVE-2019-11254)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated...
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes API server security vulnerabilities (CVE-2019-11254, CVE-2020-8552)
Summary IBM Cloud Kubernetes Service is affected by security vulnerabilities in the Kubernetes API server that exposes it to denial of service attacks CVE-2019-11254 and CVE-2020-8552 Vulnerability Details CVEID: CVE-2019-11254 DESCRIPTION: Kubernetes is vulnerable to a denial of service, caused ...
olcne kubernetes security update
olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...
CVE-2019-11254 vulnerabilities
Vulnerabilities for packages: dex-k8s-authenticator, k3d...
CVE-2019-11254 vulnerabilities
Vulnerabilities for packages: k3d...
AZL-41568 CVE-2019-11254 affecting package packer 1.9.5-13
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...
CVE-2019-11254
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...
CVE-2019-11254
CVE-2019-11254 affects the Kubernetes API Server. An authorized user can send malicious YAML to cause the kube-apiserver to consume excessive CPU during YAML parsing. Affected: Kubernetes API Server versions 1.1–1.14 and pre-1.15.10, pre-1.16.7, and pre-1.17.3. Impact: potential resource exhausti...