VDB
GO-2023-1891
GO-2023-1891
PUBLISHED
Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| k8s.io | kubernetes | 0, 1.25.0, 1.26.0 |
Timeline
- Aug 20, 2024 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/advisories/GHSA-qc2g-gmh6-95p4 advisory
- http://www.openwall.com/lists/oss-security/2023/07/06/2 url
- https://github.com/kubernetes/kubernetes/issues/118640 url
- https://github.com/kubernetes/kubernetes/pull/118356 url
- https://github.com/kubernetes/kubernetes/pull/118471 url
- https://github.com/kubernetes/kubernetes/pull/118473 url
- https://github.com/kubernetes/kubernetes/pull/118474 url
- https://github.com/kubernetes/kubernetes/pull/118512 url
- https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8 url