CVE-2019-11248

🗓️ 29 Aug 2019 01:15:00Reported by ubuntu.comType

The debugging endpoint /debug/pprof exposes sensitive information such as internal Kubelet memory addresses and configuration over the unauthenticated Kubelet healthz port. It can potentially lead to limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected by CVE-2019-11248

Reporter	Title	Published	Views	Family All 34
IBM Security Bulletins	Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerability (CVE-2019-11248)	19 Aug 201915:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Kubernetes affects IBM Watson Studio Local	20 Dec 201913:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Kubernetes affect IBM InfoSphere Information Server	1 Apr 202121:05	–	ibm
IBM Security Bulletins	Security Bulletin: A Security Vulnerability affects IBM Cloud Private Kubernetes (CVE-2019-11248)	23 Nov 201916:46	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Secuity issues fixed for NPS softlayer provisioner.	11 Dec 202007:10	–	ibm
Circl	CVE-2019-11248	18 Jul 202203:11	–	circl
CVE	CVE-2019-11248	29 Aug 201900:26	–	cve
Cvelist	CVE-2019-11248 Kubernetes kubelet exposes /debug/pprof info on healthz port	29 Aug 201900:26	–	cvelist
Debian CVE	CVE-2019-11248	29 Aug 201900:26	–	debiancve
Fedora	[SECURITY] Fedora 30 Update: kubernetes-1.15.2-1.fc30	26 Aug 201900:53	–	fedora