DirectorySecurity Advisories
Sign In
Security Advisories

CGA-c7mh-q2h5-qwr6

Published

Last updated

https://images.chainguard.dev/security/CGA-c7mh-q2h5-qwr6
Package

k3d

Latest Update
Fixed
Fixed Version

5.6.0-r11

Aliases
  • CVE-2019-11254
  • GHSA-wxc4-f4m6-wwqv

Severity

6.5

Medium

CVSS V3

Summary

Excessive Platform Resource Consumption within a Loop in Kubernetes

Description

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images