Lucene search
Veracode Vulnerability DatabaseVERACODE:32186HistorySep 21, 2021 - 7:22 a.m.
Information Disclosure And Malicious Redirect
2021-09-2107:22:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
33.3%
github.com/kubernetes/kubernetes is vulnerable to information disclosure and malicious redirection. If --profiling is enabled on the kube-apiserver, an attacker with a control over a validating or mutating webhook are able to access the kube-apiserver process logs and are able to redirect kube-apiserver requests to private networks of the apiserver.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/kubernetes/kubernetes | le | v1.21.0-alpha.2 | |
| github.com/kubernetes/kubernetes | le | v1.25.0-alpha.1 |
Related
gitlab
gitlab
Externally Controlled Reference to a Resource in Another Sphere
2021-09-21 00:00:00
osv
osv
Confused Deputy in Kubernetes
2021-09-21 18:28:21
CVE-2020-8561
2021-09-20 17:15:08
cve
cve
CVE-2020-8561
2021-09-20 17:15:08
ubuntucve
ubuntucve
CVE-2020-8561
2021-09-20 00:00:00
redhatcve
redhatcve
CVE-2020-8561
2021-09-15 23:48:10
prion
prion
Design/Logic Flaw
2021-09-20 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-8561 affecting package kubernetes 1.22.4-3
2022-03-01 01:46:55
nvd
nvd
CVE-2020-8561
2021-09-20 17:15:08
github
github
Confused Deputy in Kubernetes
2021-09-21 18:28:21
debiancve
debiancve
CVE-2020-8561
2021-09-20 17:15:08
cvelist
cvelist
CVE-2020-8561 Webhook redirect in kube-apiserver
2021-09-15 00:00:00
hackerone
hackerone
Kubernetes: SSRF for kube-apiserver cloudprovider scene
2020-07-24 12:41:44