GHSA-xx8c-m748-xr4j

Source
https://github.com/advisories/GHSA-xx8c-m748-xr4j
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-xx8c-m748-xr4j/GHSA-xx8c-m748-xr4j.json
Aliases
  • CVE-2016-1905
Published
2022-02-15T01:57:18Z
Modified
2023-11-08T03:58:23.119635Z
Details

The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.

Specific Go Packages Affected

github.com/kubernetes/kubernetes/pkg/apiserver

References

Affected packages

Go / github.com/kubernetes/kubernetes

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
1.2.0-alpha.6

Database specific

{
    "last_known_affected_version_range": "<= 1.2.0-alpha.5"
}