Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:golang/github.com/kubernetes/kubernetes@1.10.11
Typegolang
Namespacegithub.com/kubernetes
Namekubernetes
Version1.10.11
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.11.5
Latest_non_vulnerable_version1.25.4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3m8h-88sb-f7hk
vulnerability_id VCID-3m8h-88sb-f7hk
summary 
Privilege Escalation in Kubernetes
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:3537
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3537
1
reference_url https://access.redhat.com/errata/RHSA-2018:3549
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3549
2
reference_url https://access.redhat.com/errata/RHSA-2018:3551
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3551
3
reference_url https://access.redhat.com/errata/RHSA-2018:3598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3598
4
reference_url https://access.redhat.com/errata/RHSA-2018:3624
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3624
5
reference_url https://access.redhat.com/errata/RHSA-2018:3742
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3742
6
reference_url https://access.redhat.com/errata/RHSA-2018:3752
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3752
7
reference_url https://access.redhat.com/errata/RHSA-2018:3754
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3754
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1002105
reference_id
reference_type
scores
0
value 0.90349
scoring_system epss
scoring_elements 0.99605
published_at 2026-04-24T12:55:00Z
1
value 0.90698
scoring_system epss
scoring_elements 0.99622
published_at 2026-04-16T12:55:00Z
2
value 0.90698
scoring_system epss
scoring_elements 0.99619
published_at 2026-04-02T12:55:00Z
3
value 0.90698
scoring_system epss
scoring_elements 0.9962
published_at 2026-04-07T12:55:00Z
4
value 0.90698
scoring_system epss
scoring_elements 0.99621
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1002105
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/evict/poc_CVE-2018-1002105
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/evict/poc_CVE-2018-1002105
13
reference_url https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905
14
reference_url https://github.com/kubernetes/kubernetes/issues/71411
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kubernetes/kubernetes/issues/71411
15
reference_url https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88
16
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1002105
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1002105
18
reference_url https://security.netapp.com/advisory/ntap-20190416-0001
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190416-0001
19
reference_url https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do
20
reference_url https://www.exploit-db.com/exploits/46052
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46052
21
reference_url https://www.exploit-db.com/exploits/46053
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46053
22
reference_url https://www.openwall.com/lists/oss-security/2019/06/28/2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2019/06/28/2
23
reference_url https://www.openwall.com/lists/oss-security/2019/07/06/3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2019/07/06/3
24
reference_url https://www.openwall.com/lists/oss-security/2019/07/06/4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2019/07/06/4
25
reference_url https://www.securityfocus.com/bid/106068
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.securityfocus.com/bid/106068
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1648138
reference_id 1648138
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1648138
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828
reference_id 915828
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828
28
reference_url https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py
reference_id CVE-2018-1002105
reference_type exploit
scores
url https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py
29
reference_url https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py
reference_id CVE-2018-1002105
reference_type exploit
scores
url https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py
30
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py
reference_id CVE-2018-1002105
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py
reference_id CVE-2018-1002105
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py
fixed_packages
0
url pkg:golang/github.com/kubernetes/kubernetes@1.10.11
purl pkg:golang/github.com/kubernetes/kubernetes@1.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/kubernetes/kubernetes@1.10.11
1
url pkg:golang/github.com/kubernetes/kubernetes@1.11.5
purl pkg:golang/github.com/kubernetes/kubernetes@1.11.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/kubernetes/kubernetes@1.11.5
2
url pkg:golang/github.com/kubernetes/kubernetes@1.12.3
purl pkg:golang/github.com/kubernetes/kubernetes@1.12.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/kubernetes/kubernetes@1.12.3
aliases CVE-2018-1002105, GHSA-579h-mv94-g4gp
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3m8h-88sb-f7hk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:golang/github.com/kubernetes/kubernetes@1.10.11