ghsa-mqf3-28j7-3mj6
Vulnerability from github
Published
2022-04-12 22:40
Modified
2023-02-03 20:43
Severity
Summary
Information Exposure in Kubernetes
Details
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/kubernetes/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2015-7528"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-19T22:12:31Z",
"nvd_published_at": "2016-04-11T21:59:00Z",
"severity": "MODERATE"
},
"details": "Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.",
"id": "GHSA-mqf3-28j7-3mj6",
"modified": "2023-02-03T20:43:21Z",
"published": "2022-04-12T22:40:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7528"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/17886"
},
{
"type": "WEB",
"url": "https://github.com/openshift/origin/pull/6113"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/commit/afd56495a1052a3387b81df1786a8d0f51bc8671"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:2544"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:2615"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2015-7528"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286745"
},
{
"type": "PACKAGE",
"url": "https://github.com/kubernetes/kubernetes"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5"
},
{
"type": "WEB",
"url": "https://rhn.redhat.com/errata/RHSA-2015-2615.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Information Exposure in Kubernetes"
}
Loading...