The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration.
{
"unresolved_ranges": [
{
"vendor_product": "kubernetes:kubernetes",
"cpes": [
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "1.13.0-alpha0"
},
{
"last_affected": "1.13.0-alpha0"
},
{
"introduced": "1.13.0-alpha0"
},
{
"last_affected": "1.13.0-alpha0"
},
{
"introduced": "1.13.0-alpha1"
},
{
"last_affected": "1.13.0-alpha1"
},
{
"introduced": "1.13.0-alpha1"
},
{
"last_affected": "1.13.0-alpha1"
},
{
"introduced": "1.13.0-alpha2"
},
{
"last_affected": "1.13.0-alpha2"
},
{
"introduced": "1.13.0-alpha2"
},
{
"last_affected": "1.13.0-alpha2"
},
{
"introduced": "1.13.0-alpha3"
},
{
"last_affected": "1.13.0-alpha3"
},
{
"introduced": "1.13.0-alpha3"
},
{
"last_affected": "1.13.0-alpha3"
},
{
"introduced": "1.13.0-beta0"
},
{
"last_affected": "1.13.0-beta0"
},
{
"introduced": "1.13.0-beta0"
},
{
"last_affected": "1.13.0-beta0"
},
{
"introduced": "1.13.0-beta1"
},
{
"last_affected": "1.13.0-beta1"
},
{
"introduced": "1.13.0-beta1"
},
{
"last_affected": "1.13.0-beta1"
},
{
"introduced": "1.13.0-beta2"
},
{
"last_affected": "1.13.0-beta2"
},
{
"introduced": "1.13.0-beta2"
},
{
"last_affected": "1.13.0-beta2"
},
{
"introduced": "1.13.0-rc1"
},
{
"last_affected": "1.13.0-rc1"
},
{
"introduced": "1.13.0-rc1"
},
{
"last_affected": "1.13.0-rc1"
},
{
"introduced": "1.13.0-rc2"
},
{
"last_affected": "1.13.0-rc2"
},
{
"introduced": "1.13.0-rc2"
},
{
"last_affected": "1.13.0-rc2"
},
{
"introduced": "1.13.1-beta0"
},
{
"last_affected": "1.13.1-beta0"
},
{
"introduced": "1.13.1-beta0"
},
{
"last_affected": "1.13.1-beta0"
},
{
"introduced": "1.13.2-beta0"
},
{
"last_affected": "1.13.2-beta0"
},
{
"introduced": "1.13.2-beta0"
},
{
"last_affected": "1.13.2-beta0"
},
{
"introduced": "1.13.3-beta0"
},
{
"last_affected": "1.13.3-beta0"
},
{
"introduced": "1.13.3-beta0"
},
{
"last_affected": "1.13.3-beta0"
},
{
"introduced": "1.13.4-beta0"
},
{
"last_affected": "1.13.4-beta0"
},
{
"introduced": "1.13.4-beta0"
},
{
"last_affected": "1.13.4-beta0"
},
{
"introduced": "1.13.5-beta0"
},
{
"last_affected": "1.13.5-beta0"
},
{
"introduced": "1.13.5-beta0"
},
{
"last_affected": "1.13.5-beta0"
},
{
"introduced": "1.13.6-beta0"
},
{
"last_affected": "1.13.6-beta0"
},
{
"introduced": "1.13.6-beta0"
},
{
"last_affected": "1.13.6-beta0"
},
{
"introduced": "1.14.0-alpha0"
},
{
"last_affected": "1.14.0-alpha0"
},
{
"introduced": "1.14.0-alpha0"
},
{
"last_affected": "1.14.0-alpha0"
},
{
"introduced": "1.14.0-alpha1"
},
{
"last_affected": "1.14.0-alpha1"
},
{
"introduced": "1.14.0-alpha1"
},
{
"last_affected": "1.14.0-alpha1"
},
{
"introduced": "1.14.0-alpha2"
},
{
"last_affected": "1.14.0-alpha2"
},
{
"introduced": "1.14.0-alpha2"
},
{
"last_affected": "1.14.0-alpha2"
},
{
"introduced": "1.14.0-alpha3"
},
{
"last_affected": "1.14.0-alpha3"
},
{
"introduced": "1.14.0-alpha3"
},
{
"last_affected": "1.14.0-alpha3"
},
{
"introduced": "1.14.0-beta0"
},
{
"last_affected": "1.14.0-beta0"
},
{
"introduced": "1.14.0-beta0"
},
{
"last_affected": "1.14.0-beta0"
},
{
"introduced": "1.14.0-beta1"
},
{
"last_affected": "1.14.0-beta1"
},
{
"introduced": "1.14.0-beta1"
},
{
"last_affected": "1.14.0-beta1"
},
{
"introduced": "1.14.0-beta2"
},
{
"last_affected": "1.14.0-beta2"
},
{
"introduced": "1.14.0-beta2"
},
{
"last_affected": "1.14.0-beta2"
},
{
"introduced": "1.14.0-rc1"
},
{
"last_affected": "1.14.0-rc1"
},
{
"introduced": "1.14.0-rc1"
},
{
"last_affected": "1.14.0-rc1"
},
{
"introduced": "1.14.1-beta0"
},
{
"last_affected": "1.14.1-beta0"
},
{
"introduced": "1.14.1-beta0"
},
{
"last_affected": "1.14.1-beta0"
},
{
"introduced": "1.14.2-beta0"
},
{
"last_affected": "1.14.2-beta0"
},
{
"introduced": "1.14.2-beta0"
},
{
"last_affected": "1.14.2-beta0"
},
{
"introduced": "1.14.3-beta0"
},
{
"last_affected": "1.14.3-beta0"
},
{
"introduced": "1.14.3-beta0"
},
{
"last_affected": "1.14.3-beta0"
},
{
"introduced": "1.15.0-alpha0"
},
{
"last_affected": "1.15.0-alpha0"
},
{
"introduced": "1.15.0-alpha0"
},
{
"last_affected": "1.15.0-alpha0"
},
{
"introduced": "1.15.0-alpha1"
},
{
"last_affected": "1.15.0-alpha1"
},
{
"introduced": "1.15.0-alpha1"
},
{
"last_affected": "1.15.0-alpha1"
},
{
"introduced": "1.15.0-alpha2"
},
{
"last_affected": "1.15.0-alpha2"
},
{
"introduced": "1.15.0-alpha2"
},
{
"last_affected": "1.15.0-alpha2"
},
{
"introduced": "1.15.0-alpha3"
},
{
"last_affected": "1.15.0-alpha3"
},
{
"introduced": "1.15.0-alpha3"
},
{
"last_affected": "1.15.0-alpha3"
},
{
"introduced": "1.15.0-beta0"
},
{
"last_affected": "1.15.0-beta0"
},
{
"introduced": "1.15.0-beta0"
},
{
"last_affected": "1.15.0-beta0"
},
{
"introduced": "1.15.0-beta1"
},
{
"last_affected": "1.15.0-beta1"
},
{
"introduced": "1.15.0-beta1"
},
{
"last_affected": "1.15.0-beta1"
},
{
"introduced": "1.15.0-beta2"
},
{
"last_affected": "1.15.0-beta2"
},
{
"introduced": "1.15.0-beta2"
},
{
"last_affected": "1.15.0-beta2"
},
{
"introduced": "1.15.0-rc1"
},
{
"last_affected": "1.15.0-rc1"
},
{
"introduced": "1.15.0-rc1"
},
{
"last_affected": "1.15.0-rc1"
}
]
}
]
}{
"cpe": [
"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.12.10"
},
{
"introduced": "1.13.0-NA"
},
{
"last_affected": "1.13.0-NA"
},
{
"introduced": "1.13.1-NA"
},
{
"last_affected": "1.13.1-NA"
},
{
"introduced": "1.13.2-NA"
},
{
"last_affected": "1.13.2-NA"
},
{
"introduced": "1.13.3-NA"
},
{
"last_affected": "1.13.3-NA"
},
{
"introduced": "1.13.4-NA"
},
{
"last_affected": "1.13.4-NA"
},
{
"introduced": "1.13.5-NA"
},
{
"last_affected": "1.13.5-NA"
},
{
"introduced": "1.13.6-NA"
},
{
"last_affected": "1.13.6-NA"
},
{
"introduced": "1.13.7-NA"
},
{
"last_affected": "1.13.7-NA"
},
{
"introduced": "1.13.7-beta\\.0"
},
{
"last_affected": "1.13.7-beta\\.0"
},
{
"introduced": "1.13.8-beta\\.0"
},
{
"last_affected": "1.13.8-beta\\.0"
},
{
"introduced": "1.14.0-NA"
},
{
"last_affected": "1.14.0-NA"
},
{
"introduced": "1.14.1-NA"
},
{
"last_affected": "1.14.1-NA"
},
{
"introduced": "1.14.2-NA"
},
{
"last_affected": "1.14.2-NA"
},
{
"introduced": "1.14.3-NA"
},
{
"last_affected": "1.14.3-NA"
},
{
"introduced": "1.14.4-beta\\.0"
},
{
"last_affected": "1.14.4-beta\\.0"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}{
"cpe": [
"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*",
"cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.12.10"
},
{
"introduced": "1.13.0-NA"
},
{
"last_affected": "1.13.0-NA"
},
{
"introduced": "1.13.1-NA"
},
{
"last_affected": "1.13.1-NA"
},
{
"introduced": "1.13.2-NA"
},
{
"last_affected": "1.13.2-NA"
},
{
"introduced": "1.13.3-NA"
},
{
"last_affected": "1.13.3-NA"
},
{
"introduced": "1.13.4-NA"
},
{
"last_affected": "1.13.4-NA"
},
{
"introduced": "1.13.5-NA"
},
{
"last_affected": "1.13.5-NA"
},
{
"introduced": "1.13.6-NA"
},
{
"last_affected": "1.13.6-NA"
},
{
"introduced": "1.13.7-NA"
},
{
"last_affected": "1.13.7-NA"
},
{
"introduced": "1.13.7-beta\\.0"
},
{
"last_affected": "1.13.7-beta\\.0"
},
{
"introduced": "1.13.8-beta\\.0"
},
{
"last_affected": "1.13.8-beta\\.0"
},
{
"introduced": "1.14.0-NA"
},
{
"last_affected": "1.14.0-NA"
},
{
"introduced": "1.14.1-NA"
},
{
"last_affected": "1.14.1-NA"
},
{
"introduced": "1.14.2-NA"
},
{
"last_affected": "1.14.2-NA"
},
{
"introduced": "1.14.3-NA"
},
{
"last_affected": "1.14.3-NA"
},
{
"introduced": "1.14.4-beta\\.0"
},
{
"last_affected": "1.14.4-beta\\.0"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}