x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-5xfg-wv98-264m #2755

GoVulnBot · 2024-04-24T21:01:42Z

In GitHub Security Advisory GHSA-5xfg-wv98-264m, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/kubernetes/kubernetes	1.19.3	< 1.19.3

Cross references:

Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes/pkg/kubectl/cmd/cp: GHSA-34jx-wx69-9x8v #782 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-579h-mv94-g4gp #792 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes/pkg/kubectl/cmd/cp: GHSA-6qfg-8799-r575 #802 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-mqf3-28j7-3mj6 #857 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes/pkg/kubelet/server: GHSA-qhm4-jxv7-j9pq #867 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes/pkg/volume/storageos: GHSA-x6mj-w4jf-jmgw #890 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes/pkg/apiserver: GHSA-xx8c-m748-xr4j #893 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-2394-5535-8j88 #1628 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-jh36-q97c-9928 #1629 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: CVE-2021-25736 #2159 NOT_IMPORTABLE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: CVE-2019-11246 #2230 LEGACY_FALSE_POSITIVE
Module github.com/kubernetes/kubernetes appears in issue x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: CVE-2019-11252 #2231 LEGACY_FALSE_POSITIVE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/kubernetes/kubernetes
      versions:
        - fixed: 1.19.3
      packages:
        - package: github.com/kubernetes/kubernetes
summary: Sensitive Information leak via Log File in Kubernetes in github.com/kubernetes/kubernetes
cves:
    - CVE-2020-8563
ghsas:
    - GHSA-5xfg-wv98-264m
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2020-8563
    - report: https://github.com/kubernetes/kubernetes/issues/95621
    - fix: https://github.com/kubernetes/kubernetes/pull/95236
    - fix: https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96
    - web: https://bugzilla.redhat.com/show_bug.cgi?id=1886635
    - web: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
    - web: https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ
    - web: https://security.netapp.com/advisory/ntap-20210122-0006
    - advisory: https://github.com/advisories/GHSA-5xfg-wv98-264m
source:
    id: GHSA-5xfg-wv98-264m

The text was updated successfully, but these errors were encountered:

gopherbot · 2024-05-17T20:42:37Z

Change https://go.dev/cl/586484 mentions this issue: data/reports: add 73 unreviewed reports

gopherbot · 2024-06-03T19:20:32Z

Change https://go.dev/cl/590040 mentions this issue: data/reports: add 6 reports

gopherbot · 2024-06-04T22:07:37Z

Change https://go.dev/cl/590281 mentions this issue: data/reports: add 6 unreviewed reports

tatianab assigned maceonthompson May 10, 2024

tatianab added the triaged label May 23, 2024

gopherbot closed this as completed in 7ecfe86 Jun 5, 2024

GoVulnBot mentioned this issue Jul 18, 2024

x/vulndb: potential Go vuln in k8s.io/kubernetes: GHSA-82m2-cv7p-4m75 #2994

Closed

GoVulnBot mentioned this issue Nov 22, 2024

x/vulndb: potential Go vuln in k8s.io/kubernetes: GHSA-27wf-5967-98gx #3286

Closed

GoVulnBot mentioned this issue Feb 13, 2025

x/vulndb: potential Go vuln in k8s.io/kubernetes: GHSA-jgfp-53c3-624w #3465

Closed

GoVulnBot mentioned this issue Mar 13, 2025

x/vulndb: potential Go vuln in k8s.io/kubernetes: GHSA-vv39-3w5q-974q #3522

Closed

GoVulnBot mentioned this issue Mar 21, 2025

x/vulndb: potential Go vuln in k8s.io/kubernetes/cmd/kube-apiserver: GHSA-r56h-j38w-hrqq #3547

Closed

GoVulnBot mentioned this issue Apr 24, 2025

x/vulndb: potential Go vuln in k8s.io/kubernetes: GHSA-gc2p-g4fg-29vh #3645

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-5xfg-wv98-264m #2755

x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-5xfg-wv98-264m #2755

GoVulnBot commented Apr 24, 2024

gopherbot commented May 17, 2024

gopherbot commented Jun 3, 2024

gopherbot commented Jun 4, 2024

x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-5xfg-wv98-264m #2755

x/vulndb: potential Go vuln in github.com/kubernetes/kubernetes: GHSA-5xfg-wv98-264m #2755

Comments

GoVulnBot commented Apr 24, 2024

gopherbot commented May 17, 2024

gopherbot commented Jun 3, 2024

gopherbot commented Jun 4, 2024