CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.

References

Affected packages

Git / github.com/kubernetes/kubernetes

Affected ranges

Type

GIT

Repo

https://github.com/kubernetes/kubernetes

Events

Introduced

e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529

Last affected

2e808b7cb054ee242b68e62455323aa783991f03

Introduced

2bd9643cee5b3b3a5ecbd3af49d09018f0773c77

Last affected

72c30166b2105cd7d3350f2c28a219e6abcd79eb

Introduced

70132b0f130acc0bed193d9ba59dd186f0e634cf

Last affected

59603c6e503c87169aea6106f57b9f242f64df89

Database specific

{
    "versions": [
        {
            "introduced": "1.15.0"
        },
        {
            "last_affected": "1.15.9"
        },
        {
            "introduced": "1.16.0"
        },
        {
            "last_affected": "1.16.6"
        },
        {
            "introduced": "1.17.0"
        },
        {
            "last_affected": "1.17.2"
        }
    ]
}

Affected versions

v1.*

v1.15.0

v1.15.1

v1.15.1-beta.0

v1.15.2

v1.15.2-beta.0

v1.15.3

v1.15.3-beta.0

v1.15.4

v1.15.4-beta.0

v1.15.5

v1.15.5-beta.0

v1.15.6

v1.15.6-beta.0

v1.15.7

v1.15.7-beta.0

v1.15.8

v1.15.8-beta.0

v1.15.8-beta.1

v1.15.9

v1.15.9-beta.0

v1.16.0

v1.16.1

v1.16.1-beta.0

v1.16.2

v1.16.2-beta.0

v1.16.3

v1.16.3-beta.0

v1.16.4

v1.16.4-beta.0

v1.16.5

v1.16.5-beta.0

v1.16.5-beta.1

v1.16.6

v1.16.6-beta.0

v1.17.0

v1.17.1

v1.17.1-beta.0

v1.17.2

v1.17.2-beta.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8551.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "32"
            }
        ]
    }
]