Vulnerability & Exploit Database

Displaying entries 31 - 40 of 139382 in total

Red Hat OpenShift: CVE-2018-1002105: kubernetes: authentication/authorization bypass in the handling of non-101 responses Vulnerability

  • Severity: 10
  • Published: December 04, 2018

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to th...

Kubernetes: CVE-2018-1002105: Proxy request handling in kube-apiserver can leave vulnerable TCP connections Vulnerability

  • Severity: 10
  • Published: December 04, 2018

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to th...