Source: kubernetes
Version: 1.7.16+dfsg-1
Severity: grave
Tags: security upstream


The following vulnerability was published for kubernetes.

| In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3,
| incorrect handling of error responses to proxied upgrade requests in
| the kube-apiserver allowed specially crafted requests to establish a
| connection through the Kubernetes API server to backend servers, then
| send arbitrary requests over the same connection directly to the
| backend, authenticated with the Kubernetes API server's TLS
| credentials used to establish the backend connection.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:



Reply via email to