github.com/kubernetes/minikube is vulnerable to DNS rebinding. The library does not randomize its ports or enforce host checking, allowing a malicious user to conduct a DNS rebinding to execute arbitrary code on another user’s minikube cluster.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/kubernetes/minikube | eq | HEAD | |
github.com/kubernetes/minikube | le | 0.29.0 |