14 matches found
AWS VDP: Health check errors silently dropped when channel buffer full
Component: pkg/plugin/plugin.go:153-156, pkg/plugin/pluginv2.go:156-158 Affected Version: aws-encryption-provider @ 4341c70 all versions Found by: Source audit TLP: TLP:Amber --- Summary When KMS operations fail, the error is sent to a buffered channel healthCheckErrc, size 100 via a non-blocking...
Linux Distros Unpatched Vulnerability : CVE-2019-11248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port...
VulnCheck KEV: CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
PT-2023-26185 ¡ Dapr ¡ Dapr
Name of the Vulnerable Software and Affected Versions: Dapr versions prior to 1.10.9 Dapr versions prior to 1.11.2 Description: A vulnerability has been found in Dapr that allows bypassing API token authentication with a well-crafted HTTP request. This issue impacts Dapr users who have configured...
SUSE CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
8x8: CVE-2019-11248 on http://â.â.â.â:9100/debug/pprof/goroutine
@mrk0anti reported to us an exposed debugging endpoint /debug/pprof over the unauthenticated Kubelet healthz port 9100. No sensitive information has been disclosed & the affected host belonged to our staging environment. The issue has been rectified...
Exposed Endpoints
github.com/kubernetes/ingress-nginx is uses publicly exposed endpoints. The prometheus metrics and healthz of the Kubernetes defaultbackend can be accessed by a remote attacker using a port-forward request to access the publicly accessible metrics...
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
DEBIAN-CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
UBUNTU-CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
Default configuration
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
CVE-2019-11248 Kubernetes kubelet exposes /debug/pprof info on healthz port
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...