Security Advisory

CVE-2019-11250

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-29 00:40:43

Last updated 2024-09-17 02:06:55

Assigner kubernetes

State PUBLISHED

Description

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected.

← Browse all CVEs View on cve.org ↗