VDB
RHSA-2020%3A1277
RHSA-2020%3A1277
PUBLISHED
CVSS 4.300000190734863 MEDIUM
A denial of service flaw was found in Kubernetes' Kubelet API. A remote attacker can exploit this flaw by sending repeated, crafted HTTP requests to exhaust available memory and cause a crash.
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-hyperkube@sha256:cfc68acee9fb003f2c74820d0a2b0e3e3c677a658d5f76fc2c0481ee99124491_amd64 as a component of Red Hat OpenShift Container Platform 4.3 | openshift4/ose-hyperkube@sha256:cfc68acee9fb003f2c74820d0a2b0e3e3c677a658d5f76fc2c0481ee99124491_amd64 |
Timeline
- Apr 8, 2020 CVE Published
- Feb 23, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2020:1277 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1816403 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1277.json advisory
- https://access.redhat.com/security/cve/CVE-2020-8551 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-8551 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-8551 advisory
- https://github.com/kubernetes/kubernetes/issues/89377 advisory
- https://groups.google.com/forum/#!topic/kubernetes-security-announce/2UOlsba2g0s advisory