GO-2022-0885
- Source
- https://pkg.go.dev/vuln/GO-2022-0885
- Import Source
- https://vuln.go.dev/ID/GO-2022-0885.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2022-0885
- Aliases
- Published
- 2024-08-21T15:29:06Z
- Modified
- 2024-08-21T15:58:52.046121Z
- Summary
- Improper Authentication in Kubernetes in k8s.io/kubernetes
- Details
-
Improper Authentication in Kubernetes in k8s.io/kubernetes
- References
-
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558
- https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg
- https://nvd.nist.gov/vuln/detail/CVE-2020-8558
- https://bugzilla.redhat.com/show_bug.cgi?id=1843358
- https://github.com/kubernetes/kubernetes/issues/92315
- https://github.com/tabbysable/POC-2020-8558
- https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ
- https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE
- https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation
- https://security.netapp.com/advisory/ntap-20200821-0001
- https://www.openwall.com/lists/oss-security/2020/07/08/1
Affected packages
Go / k8s.io/kubernetes
Package
- Name
- k8s.io/kubernetes
- View open source insights on deps.dev
- Purl
- pkg:golang/k8s.io/kubernetes