VDB
BDU%3A2020-00025
BDU%3A2020-00025
PUBLISHED
CVSS 7.800000190734863 HIGH
Уязвимость библиотеки синтаксического анализатора YAML программного средства управления кластерами виртуальных машин Kubernetes, позволяющая нарушителю вызвать отказ в обслуживании
Risk Scores
CVSS 2.0
7.800000190734863
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Inc., Google Inc | OpenShift Container Platform, Kubernetes |
Exploit Intelligence
- CVE.json (github-poc)
- .trivyignore.yaml (github-poc)
- Nuclei Template: CVE-2019-11253 (nuclei-template)
Timeline
- Jan 8, 2020 CVE Published
- Mar 18, 2026 Distribution Patch
- Mar 18, 2026 Distribution Patch
- Mar 18, 2026 Distribution Patch
- Mar 18, 2026 Distribution Patch
- Mar 18, 2026 Security Advisory
- Mar 18, 2026 Security Advisory
- Mar 18, 2026 Security Advisory
- Mar 18, 2026 Security Advisory
References
- https://vulmon.com/vulnerabilitydetails?qid=CVE-2019-11253&scoretype=cvssv2 url
- https://blog.paloaltonetworks.com/2019/10/cloud-kubernetes-vulnerabilities/ url
- https://github.com/kubernetes/kubernetes/issues/83253 url
- https://github.com/kubernetes/kubernetes/pull/83261 url
- https://access.redhat.com/errata/RHSA-2019:3132 url
- https://access.redhat.com/errata/RHSA-2019:3811 url
- https://access.redhat.com/errata/RHSA-2019:3239 url
- https://access.redhat.com/errata/RHSA-2019:3905 url
- https://access.redhat.com/security/cve/cve-2019-11253 url