The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

References

github.com/kubernetes/kubernetes/issues/89535

groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ

security.netapp.com/advisory/ntap-20200413-0003/

redhatcve 1

cgr 1

ubuntucve 1

wolfi 1

broadcom 1

cvelist 1

nvd 1

github 1

nessus 4

ibm 15

veracode 1

osv 4

prion 1

debiancve 1

gitlab 1

cve 1

oraclelinux 4

redhat 4

f5 1

redhatcve

CVE-2019-11254

2020-04-01 00:32:01

cgr

CVE-2019-11254 vulnerabilities

2024-05-19 03:07:16

ubuntucve

CVE-2019-11254

2020-04-01 00:00:00

wolfi

CVE-2019-11254 vulnerabilities

2024-09-30 03:53:08

broadcom

YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML (CVE-2019-11254)

2023-11-07 00:00:00

cvelist

CVE-2019-11254 Kubernetes API Server denial of service vulnerability from malicious YAML payloads

2020-04-01 20:30:15

nvd

CVE-2019-11254

2020-04-01 21:15:13

github

Excessive Platform Resource Consumption within a Loop in Kubernetes

2021-12-20 16:55:06

nessus

Kubernetes < 1.15.10 / 1.16.x < 1.16.7 / 1.17.x < 1.17.3 DoS

2020-09-08 00:00:00

Oracle Linux 7 : olcne / kubernetes (ELSA-2020-5653)

2023-09-07 00:00:00

RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:2479)

2020-06-19 00:00:00

ibm

Security Bulletin: IBM Cloud Private is vulnerable to a Kubernetes vulnerability (CVE-2019-11254)

2020-08-18 22:10:35

Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes (CVE-2019-11254)

2020-05-11 18:45:10

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2019-11254)

2020-07-21 19:34:13

veracode

Denial Of Service (DoS)

2020-04-02 03:17:51

osv

Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2

2021-04-14 20:04:52

Excessive Platform Resource Consumption within a Loop in Kubernetes

2021-12-20 16:55:06

etcd-3.5.2-1.1 on GA media

2024-06-15 00:00:00

prion

Code injection

2020-04-01 21:15:00

debiancve

CVE-2019-11254

2020-04-01 21:15:13

gitlab

Excessive Platform Resource Consumption within a Loop in Kubernetes

2021-12-20 00:00:00

cve

CVE-2019-11254

2020-04-01 21:15:13

oraclelinux

olcne kubernetes security update

2020-04-17 00:00:00

kubernetes-cni-plugins kubernetes-cni kubernetes olcne security update

2020-06-12 00:00:00

grafana kubernetes-cni kubernetes-cni-plugins kubernetes kubernetes olcne security update

2020-06-12 00:00:00

redhat

(RHSA-2020:0933) Moderate: OpenShift Container Platform 4.3.9 ose-openshift-apiserver-container security update

2020-04-01 18:42:03

(RHSA-2020:2479) Moderate: OpenShift Container Platform 3.11 atomic-openshift security update

2020-06-18 03:52:41

(RHSA-2020:2413) Moderate: OpenShift Container Platform 4.5 package security update

2020-07-13 16:35:46

K000134748 : Kubernetes vulnerabilities CVE-2019-1002100, CVE-2019-11254, CVE-2017-1002101, and CVE-2017-1002102

2023-05-23 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

42.9%

JSON

Related for OSV:CVE-2019-11254