OESA-2022-1979
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1979
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1979.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1979
- Upstream
- Published
- 2022-10-14T11:04:23Z
- Modified
- 2025-08-12T05:13:55.836870Z
- Summary
- kubernetes security update
- Details
-
Container cluster management.
Security Fix(es):
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties.
ref: https://github.com/kubernetes/kubernetes/issues/112513(CVE-2022-3172)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP1 / kubernetes
Package
- Name
- kubernetes
- Purl
- pkg:rpm/openEuler/kubernetes&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.20.2-9.oe1
Ecosystem specific
{
"src": [
"kubernetes-1.20.2-9.oe1.src.rpm"
],
"aarch64": [
"kubernetes-kubelet-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-kubeadm-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-client-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-node-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-help-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-master-1.20.2-9.oe1.aarch64.rpm"
],
"x86_64": [
"kubernetes-node-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-client-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-kubelet-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-kubeadm-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-help-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-master-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-1.20.2-9.oe1.x86_64.rpm"
]
}
openEuler:20.03-LTS-SP3 / kubernetes
Package
- Name
- kubernetes
- Purl
- pkg:rpm/openEuler/kubernetes&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.20.2-9.oe1
Ecosystem specific
{
"src": [
"kubernetes-1.20.2-9.oe1.src.rpm"
],
"aarch64": [
"kubernetes-kubeadm-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-kubelet-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-client-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-help-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-node-1.20.2-9.oe1.aarch64.rpm",
"kubernetes-master-1.20.2-9.oe1.aarch64.rpm"
],
"x86_64": [
"kubernetes-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-help-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-kubeadm-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-master-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-node-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-client-1.20.2-9.oe1.x86_64.rpm",
"kubernetes-kubelet-1.20.2-9.oe1.x86_64.rpm"
]
}
openEuler:22.03-LTS / kubernetes
Package
- Name
- kubernetes
- Purl
- pkg:rpm/openEuler/kubernetes&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.20.2-9.oe2203
Ecosystem specific
{
"src": [
"kubernetes-1.20.2-9.oe2203.src.rpm"
],
"aarch64": [
"kubernetes-help-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-kubelet-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-node-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-client-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-kubeadm-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-master-1.20.2-9.oe2203.aarch64.rpm",
"kubernetes-1.20.2-9.oe2203.aarch64.rpm"
],
"x86_64": [
"kubernetes-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-kubelet-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-kubeadm-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-master-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-node-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-help-1.20.2-9.oe2203.x86_64.rpm",
"kubernetes-client-1.20.2-9.oe2203.x86_64.rpm"
]
}