Max CVSS | 5.8 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-9283 | 5.0 |
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH cl
|
17-06-2023 - 00:15 | 20-02-2020 - 20:15 | |
CVE-2020-8945 | 5.1 |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
|
18-10-2022 - 17:59 | 12-02-2020 - 18:15 | |
CVE-2020-8558 | 5.8 |
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's
|
20-09-2022 - 17:17 | 27-07-2020 - 20:15 | |
CVE-2019-11254 | 4.0 |
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.
|
02-10-2020 - 17:37 | 01-04-2020 - 21:15 | |
CVE-2019-11252 | 5.0 |
The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.
|
28-07-2020 - 16:27 | 23-07-2020 - 15:15 |