{"vulnerability": "CVE-2019-1125", "sightings": [{"uuid": "bb65519c-5f63-4196-9ad3-d380edce6e43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11254", "type": "published-proof-of-concept", "source": "https://t.me/k8security/10", "content": "Kubernetes Product Security Team \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n- CVE-2019-11254 (https://github.com/kubernetes/kubernetes/issues/89535): kube-apiserver DoS - \u0443\u0440\u043e\u0432\u0435\u043d\u044c Medium\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 kube-apiserver, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e YAML \u0444\u0430\u0439\u043b\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445:\n- v1.17.3\n- v1.16.7\n- v1.15.10\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0442\u0435\u0445 \u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u044f\u0445, \u0447\u0442\u043e \u0438 CVE-2020-8552 \u0438 CVE-2020-8551 - \u043d\u0435\u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e. \n\n\u0418\u0437 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u0440\u043e\u0435\u043a\u0442\u0443 OSS-Fuzz \u043e\u0442 \u0440\u0435\u0431\u044f\u0442 \u0438\u0437 Google. \u041f\u0440\u043e\u0435\u043a\u0442 Kubernetes \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0442\u0443\u0434\u0430 \u0438 \u0444\u0430\u0437\u0438\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e go-fuzz \u0438 libfuzzer - \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435. PoC \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u044f\u0442\u044c \u0442\u0443\u0442.", "creation_timestamp": "2020-04-01T07:23:57.000000Z"}, {"uuid": "37836bef-1c27-4f39-a631-c5fd0cbd67ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lp3wn5crqf2b", "content": "", "creation_timestamp": "2025-05-14T02:17:23.158053Z"}, {"uuid": "306a7b4d-c637-44df-b6e2-fec7d97cb5d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11250", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwmx7x5sdf2u", "content": "", "creation_timestamp": "2025-08-17T22:39:31.132976Z"}, {"uuid": "7db37396-0be6-47a5-8cd5-bebcc7741486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbaarkzgqv2d", "content": "", "creation_timestamp": "2025-12-30T21:02:57.629221Z"}, {"uuid": "fbd64e08-15c6-4d0a-b24f-552b5a049782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://bsky.app/profile/bennettelder.net/post/3lp2t2bpbzk2x", "content": "", "creation_timestamp": "2025-05-13T15:40:29.496685Z"}, {"uuid": "33156075-6a4f-4fca-8e8c-e4813fa5a57d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-11253.yaml", "content": "", "creation_timestamp": "2025-12-26T15:26:28.000000Z"}, {"uuid": "2f4d0591-fe8b-4be7-a352-b1d1c5ff4b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11250", "type": "seen", "source": "https://t.me/k8security/128", "content": "\u041c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0443\u0442\u0435\u0447\u043a\u043e\u0439 secret \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u043c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438\n\n- CVE-2020-8563: \u0423\u0442\u0435\u0447\u043a\u0430 VSphere Cloud \u043a\u0440\u0435\u0434\u043e\u0432 (\u0438\u0437 secret) \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u0433\u0438 \u043f\u0440\u0438 logLevel >= 4\n- CVE-2020-8564: \u0423\u0442\u0435\u0447\u043a\u0430 pull secrets \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u0440\u0435\u0434 \u0432 docker \u043a\u043e\u043d\u0444\u0438\u0433 \u0444\u0430\u0439\u043b\u0435 \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u0433\u0438 \u043f\u0440\u0438 loglevel >= 4\n- CVE-2020-8565: \u0423\u0442\u0435\u0447\u043a\u0430 Kubernetes authorization tokens (\u0432\u043a\u043b\u044e\u0447\u0430\u044f bearer tokens \u0438 basic auth) \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0444\u0438\u043a\u0441\u0430 CVE-2019-11250 \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u0433\u0438 \u043f\u0440\u0438 logLevel >= 9\n- CVE-2020-8566: \u0423\u0442\u0435\u0447\u043a\u0430 Ceph RBD Admin secrets \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u0433\u0438 \u043f\u0440\u0438 loglevel >= 4  \n\n\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u0431\u0437\u043e\u0440 CVE-2020-8563 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0442\u0443\u0442.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u043e, \u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0447\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0439 \u043b\u043e\u0433 =)", "creation_timestamp": "2020-10-19T07:56:11.000000Z"}, {"uuid": "6697141c-791b-4374-8591-297b1a964b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11255", "type": "seen", "source": "https://t.me/ctinow/202499", "content": "https://ift.tt/Eqzb6CK\nCVE-2019-11255 | Kubernetes CSI Sidecar Container Persistent input validation (RHSA-2019:4054)", "creation_timestamp": "2024-03-07T15:41:40.000000Z"}, {"uuid": "35efb41e-454c-41a5-8400-f512b59f601c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1125", "type": "seen", "source": "https://t.me/ctinow/14366", "content": "SWAPGS Attack \u2014 New Speculative Execution Flaw Affects All Modern Intel CPUs A new variant of the Spectre (Variant 1)\u00a0side-channel vulnerability has been discovered that affects modern Intel CPUs which leverage speculative-execution, and some AMD processors as well, Microsoft and Red Hat warn.\n\nIdentified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory,", "creation_timestamp": "2019-08-06T22:24:13.000000Z"}, {"uuid": "f648562d-3459-47b4-937a-9756653e3332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1125", "type": "seen", "source": "https://t.me/ctinow/14358", "content": "This vulnerability was given CVE ID CVE-2019-1125 and is titled", "creation_timestamp": "2019-08-06T20:25:49.000000Z"}, {"uuid": "e6e369e7-7d10-482a-bf74-6ce74d1e3600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://t.me/ctinow/168766", "content": "https://ift.tt/HV5B4AI\nCVE-2019-11253 | Kubernetes up to 1.0-1.12/1.13.11/1.14.7/1.15.4/1.16.1 API Server JSON Payload input validation (RHSA-2019:3239)", "creation_timestamp": "2024-01-16T12:06:53.000000Z"}, {"uuid": "e5ac1602-46e8-4f1d-9b7e-6ea248ab378a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1125", "type": "seen", "source": "https://t.me/thehackernews/413", "content": "\ud83d\udcbb SWAPGS Attack [CVE-2019-1125]\n\nA new Spectre (v1) like side-channel vulnerability affects all modern #Intel CPUs that leverage speculative execution.\n\nhttps://thehackernews.com/2019/08/swapgs-speculative-execution.html\n\nAccording to Microsoft & Red Hat advisories, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens and encryption keys, that would otherwise be inaccessible.", "creation_timestamp": "2023-11-07T15:02:36.000000Z"}, {"uuid": "09ff5b8b-9717-4a92-b2e3-01a940c02631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/413", "content": "#exploit\n#Cloud_Security\nCVE-2019-11253:\nKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack\nhttps://github.com/kubernetes/kubernetes/issues/83253", "creation_timestamp": "2024-10-08T20:44:11.000000Z"}, {"uuid": "142eabe0-23f6-45ae-96e1-180d2508c9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://t.me/warmakerz/1174", "content": "The hilarious Billion Laughs vulnerability is essentially an XML bomb that causes denial of service through exponential entity expansion.\n\nThe attack defines a hierarchy of DTD entities , where each entity references multiple instances of the previous one, which leads to exponential growth of content during parsing and exhaustion of memory/CPU in the XML parser.\n\nBy the way, a similar technique exists for YAML, with the ironic name YAML-BOMB . Here anchors and aliases are expanded as macros, leading to DoS (for example, CVE-2019-11253 in Kubernetes)\n\n\u27a1\ufe0f\u27a1\ufe0f  @WarmakerZ  \u2b05\ufe0f\u2b05\ufe0f", "creation_timestamp": "2025-04-29T03:53:00.000000Z"}, {"uuid": "5c5ce964-ab7d-4fd3-ac93-e88e4ca7502b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11253", "type": "seen", "source": "https://t.me/cibsecurity/7478", "content": "\u274c Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS \u274c\n\nThe flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.\n\n\ud83d\udcd6 Read\n\nvia \"Threatpost\".", "creation_timestamp": "2019-10-17T16:32:14.000000Z"}, {"uuid": "b7bdd6fb-ee32-4e05-956a-d7ec43bf9329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11254", "type": "seen", "source": "https://t.me/cibsecurity/10919", "content": "ATENTION\u203c New - CVE-2019-11254\n\nThe Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-02T00:28:23.000000Z"}, {"uuid": "921a6e9f-0fb3-4c43-bb67-38f7799b1b06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11252", "type": "seen", "source": "https://t.me/cibsecurity/13620", "content": "ATENTION\u203c New - CVE-2019-11252\n\nThe Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-23T18:55:29.000000Z"}]}