Authorization tokens may be inappropriately logged if the verbosity level is set to a debug level. This is due to an incomplete fix for CVE-2019-11250.

CPENameOperatorVersion
k8s.io/client-golt0.20.0-alpha.2
k8s.io/kuberneteslt1.20.0-alpha.2

CPE	Name	Operator	Version
	k8s.io/client-go	lt	0.20.0-alpha.2
	k8s.io/kubernetes	lt	1.20.0-alpha.2

References

github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419

github.com/kubernetes/kubernetes/issues/95623

github.com/kubernetes/kubernetes/pull/95316

cve 2

cvelist 2

redhatcve 2

hackerone 1

gitlab 6

nvd 2

github 2

prion 2

osv 5

veracode 2

symantec 1

ibm 20

nessus 9

redhat 5

debiancve 2

ubuntucve 2

wolfi 1

cbl_mariner 1

photon 10

fedora 1

openvas 2

cve

CVE-2020-8565

2020-12-07 22:15:21

CVE-2019-11250

2019-08-29 01:15:11

cvelist

CVE-2020-8565 Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9

2020-10-15 00:00:00

CVE-2019-11250 Kubernetes client-go logs authorization headers at debug verbosity levels

2019-08-12 00:00:00

redhatcve

CVE-2020-8565

2020-10-16 00:02:11

CVE-2019-11250

2019-08-13 02:23:16

hackerone

Kubernetes: CVE-2019-11250 remains in effect.

2020-08-06 17:42:21

gitlab

Insertion of Sensitive Information into Log File

2022-05-24 00:00:00

Credentials Management

2019-08-29 00:00:00

Insertion of Sensitive Information into Log File

2022-05-24 00:00:00

nvd

CVE-2019-11250

2019-08-29 01:15:11

CVE-2020-8565

2020-12-07 22:15:21

github

Kubernetes client-go library logs may disclose credentials to unauthorized users

2022-05-24 16:55:06

Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

2023-02-06 23:27:56

prion

Design/Logic Flaw

2019-08-29 01:15:00

Authorization

2020-12-07 22:15:00

osv

CVE-2019-11250

2019-08-29 01:15:11

Kubernetes client-go library logs may disclose credentials to unauthorized users

2022-05-24 16:55:06

Unauthorized credential disclosure in k8s.io/kubernetes and k8s.io/client-go

2021-04-14 20:04:52

veracode

Information Disclosure

2019-08-14 02:24:54

Information Disclosure

2023-02-10 12:44:49

symantec

Kubernetes CVE-2019-11250 Information Disclosure Vulnerability

2019-08-13 00:00:00

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information exposure in Kubernetes [CVE-2019-11250]

2024-06-20 18:19:06

Security Bulletin: A Security Vulnerability affects IBM Cloud Private Kubernetes (CVE-2019-11250)

2019-11-23 15:24:42

Security Bulletin: IBM Cloud Pak for Data Scheduling contains a vulnerable kubectl package ( CVE-2019-11250 )

2023-12-06 16:00:08

nessus

RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:4052)

2019-12-18 00:00:00

Photon OS 1.0: Kubernetes PHSA-2020-1.0-0288

2020-04-15 00:00:00

Photon OS 1.0: Kubernetes PHSA-2021-1.0-0376

2021-04-01 00:00:00

redhat

(RHSA-2019:4052) Moderate: OpenShift Container Platform 3.11 atomic-openshift security update

2019-12-16 13:47:29

(RHSA-2021:5085) Moderate: Red Hat OpenShift Data Foundation 4.9.0 enhancement, security, and bug fix update

2021-12-13 15:18:58

(RHSA-2019:4087) Moderate: OpenShift Container Platform 4.1 openshift security update

2019-12-17 01:57:41

debiancve

CVE-2019-11250

2019-08-29 01:15:11

CVE-2020-8565

2020-12-07 22:15:21

ubuntucve

CVE-2019-11250

2019-08-29 00:00:00

CVE-2020-8565

2020-12-07 00:00:00

wolfi

CVE-2020-8565 vulnerabilities

2024-06-29 09:08:33

cbl_mariner

CVE-2020-8565 affecting package kubernetes 1.17.13-6

2021-01-29 07:40:01

photon

Moderate Photon OS Security Update - PHSA-2021-0247

2021-03-18 00:00:00

Moderate Photon OS Security Update - PHSA-2021-3.0-0247

2021-06-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0288

2020-04-11 00:00:00

fedora

[SECURITY] Fedora 30 Update: kubernetes-1.15.2-1.fc30

2019-08-26 00:53:13

openvas

Fedora Update for kubernetes FEDORA-2019-2b8ef08c95

2019-08-27 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:3760-1)

2021-06-09 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.9%

JSON

Related for OSV:GO-2021-0064