/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CVE-2019-1002100

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2019-1002100

Severity

6.5

Medium

CVSS V3

Description

In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. kubectl patch --type json or "Content-Type: application/json-patch+json") that consumes excessive resources while processing, causing a Denial of Service on the API Server.

References

Affected packages


Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing