Все бюллетени/p9/ALT-PU-2020-2338-2
ALT-PU-2020-2338-2

Обновление пакета kubernetes в ветке p9

Версия1.18.5-alt1
Задание#254411
Опубликовано2026-02-04
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (11)

CVE-2019-11252
MEDIUM6.5

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.

Опубликовано: 2020-07-23Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Ссылки
CVE-2019-11254
MEDIUM6.5

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

Опубликовано: 2020-04-01Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2020-8551
MEDIUM6.5

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.

Опубликовано: 2020-03-27Изменено: 2024-11-21
CVSS 2.0НИЗКАЯ 3.3
CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2020-8552
MEDIUM4.3

The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.

Опубликовано: 2020-03-27Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.0
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Ссылки
CVE-2020-8555
MEDIUM6.3

The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).

Опубликовано: 2020-06-05Изменено: 2024-11-21
CVSS 2.0НИЗКАЯ 3.5
CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:N/A:N
CVSS 3.xСРЕДНЯЯ 6.3
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Ссылки
CVE-2020-8558
HIGH8.8

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.

Опубликовано: 2020-07-27Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 5.8
CVSS:2.0/AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
GHSA-82hx-w2r5-c2wq
MEDIUM5.3

Kubernetes API Server DoS Via API Requests

Опубликовано: 2022-02-15Изменено: 2023-09-21
CVSS 3.xСРЕДНЯЯ 5.3
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ссылки
GHSA-qhm4-jxv7-j9pq
MEDIUM4.3

Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes

Опубликовано: 2022-02-15Изменено: 2023-01-28
CVSS 3.xСРЕДНЯЯ 4.3
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ссылки
GHSA-wqv3-8cm6-h6wg
HIGH8.8

Improper Authentication in Kubernetes

Опубликовано: 2022-02-15Изменено: 2023-01-07
CVSS 3.xВЫСОКАЯ 8.8
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки
GHSA-wxc4-f4m6-wwqv
MEDIUM6.5

Excessive Platform Resource Consumption within a Loop in Kubernetes

Опубликовано: 2021-12-20Изменено: 2023-02-09
CVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
GHSA-x6mj-w4jf-jmgw
MEDIUM6.3

Server Side Request Forgery (SSRF) in Kubernetes

Опубликовано: 2022-02-15Изменено: 2023-09-19
CVSS 3.xСРЕДНЯЯ 6.3
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Ссылки