Vulnerability & Exploit Database

Displaying all 3 entries

Results for: CVE-2018-1002105 Back to search

Oracle Linux: (CVE-2018-1002105) (Multiple Advisories): kubernetes security update Vulnerability

  • Severity: 8
  • Published: December 05, 2018

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to th...

Red Hat OpenShift: CVE-2018-1002105: kubernetes: authentication/authorization bypass in the handling of non-101 responses Vulnerability

  • Severity: 8
  • Published: December 04, 2018

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to th...

Kubernetes: CVE-2018-1002105: Proxy request handling in kube-apiserver can leave vulnerable TCP connections Vulnerability

  • Severity: 8
  • Published: December 04, 2018

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to th...