VulnerableCode Package Details - pkg:golang/k8s.io/kubernetes@1.17.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:golang/k8s.io/kubernetes@1.17.2

Essentials
History (1)

purl	pkg:golang/k8s.io/kubernetes@1.17.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ptve-3k7k-cqcm	Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.	CVE-2020-8551 GHSA-qhm4-jxv7-j9pq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:06:06.977348+00:00	GithubOSV Importer	Fixing	VCID-ptve-3k7k-cqcm	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-qhm4-jxv7-j9pq/GHSA-qhm4-jxv7-j9pq.json	38.0.0