oss-sec mailing list archives

CVE request for Kubernetes api server: patch operation should use patched object to check admission control

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 12 Jan 2016 10:20:59 -0700

CVE request for Kubernetes api server: patch operation should use patched
object to check admission control

https://github.com/kubernetes/kubernetes/issues/19479

TL;DR:  you can patch your resources and they'll always be allowed, so more
ram, disk, etc. CWE-285


-- 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert () redhat com

Current thread:

CVE request for Kubernetes api server: patch operation should use patched object to check admission control Kurt Seifried (Jan 12)
- Re: CVE request for Kubernetes api server: patch operation should use patched object to check admission control cve-assign (Jan 14)