Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kubernetes API Server denial of service vulnerability from malicious YAML payloads
Vulnerability Description
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
循环内过多的平台资源消耗
Vulnerability Title
Kubernetes API Server 安全漏洞
Vulnerability Description
Kubernetes是美国Linux基金会的一套开源的Docker容器集群管理系统。该系统为容器化的应用提供资源调度、部署运行、服务发现和扩容缩容等功能。 Kubernetes API Server 1.15.10之前版本、1.16.7之前版本和1.17.3之前版本中的API Server组件存在安全漏洞。远程攻击者可借助特制请求利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A