Vulnerability Database
Blog
FAQ
Docs
GO-2022-0885
See a problem?
Please try reporting it
to the source
first.
Source
https://pkg.go.dev/vuln/GO-2022-0885
Import Source
https://vuln.go.dev/ID/GO-2022-0885.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2022-0885
Aliases
CVE-2020-8558
GHSA-wqv3-8cm6-h6wg
Published
2024-08-21T15:29:06Z
Modified
2024-09-11T06:13:26.057724Z
Summary
Improper Authentication in Kubernetes in k8s.io/kubernetes
Details
Improper Authentication in Kubernetes in k8s.io/kubernetes
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558
https://github.com/bottlerocket-os/bottlerocket/security/advisories/GHSA-wqv3-8cm6-h6wg
https://nvd.nist.gov/vuln/detail/CVE-2020-8558
https://bugzilla.redhat.com/show_bug.cgi?id=1843358
https://github.com/kubernetes/kubernetes/issues/92315
https://github.com/tabbysable/POC-2020-8558
https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ
https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE
https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation
https://security.netapp.com/advisory/ntap-20200821-0001
https://www.openwall.com/lists/oss-security/2020/07/08/1
Affected packages
Go
/
k8s.io/kubernetes
Package
Name
k8s.io/kubernetes
View open source insights on deps.dev
Purl
pkg:golang/k8s.io/kubernetes
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.16.11
Introduced
1.17.0
Fixed
1.17.7
Introduced
1.18.0
Fixed
1.18.4
GO-2022-0885 - OSV