Moderate severityNVD Advisory· Published Jun 3, 2020· Updated Aug 4, 2024
CVE-2020-10749
CVE-2020-10749
Description
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containernetworking/pluginsGo | < 0.8.6 | 0.8.6 |
Affected products
48- osv-coords47 versionspkg:apk/chainguard/cni-plugins-fipspkg:apk/chainguard/cni-plugins-fips-bandwidthpkg:apk/chainguard/cni-plugins-fips-bandwidth-compatpkg:apk/chainguard/cni-plugins-fips-bridgepkg:apk/chainguard/cni-plugins-fips-bridge-compatpkg:apk/chainguard/cni-plugins-fips-dhcppkg:apk/chainguard/cni-plugins-fips-dhcp-compatpkg:apk/chainguard/cni-plugins-fips-dummypkg:apk/chainguard/cni-plugins-fips-dummy-compatpkg:apk/chainguard/cni-plugins-fips-firewallpkg:apk/chainguard/cni-plugins-fips-firewall-compatpkg:apk/chainguard/cni-plugins-fips-host-devicepkg:apk/chainguard/cni-plugins-fips-host-device-compatpkg:apk/chainguard/cni-plugins-fips-host-localpkg:apk/chainguard/cni-plugins-fips-host-local-compatpkg:apk/chainguard/cni-plugins-fips-ipampkg:apk/chainguard/cni-plugins-fips-ipvlanpkg:apk/chainguard/cni-plugins-fips-ipvlan-compatpkg:apk/chainguard/cni-plugins-fips-loopbackpkg:apk/chainguard/cni-plugins-fips-loopback-compatpkg:apk/chainguard/cni-plugins-fips-macvlanpkg:apk/chainguard/cni-plugins-fips-macvlan-compatpkg:apk/chainguard/cni-plugins-fips-mainpkg:apk/chainguard/cni-plugins-fips-metapkg:apk/chainguard/cni-plugins-fips-portmappkg:apk/chainguard/cni-plugins-fips-portmap-compatpkg:apk/chainguard/cni-plugins-fips-ptppkg:apk/chainguard/cni-plugins-fips-ptp-compatpkg:apk/chainguard/cni-plugins-fips-sbrpkg:apk/chainguard/cni-plugins-fips-sbr-compatpkg:apk/chainguard/cni-plugins-fips-staticpkg:apk/chainguard/cni-plugins-fips-static-compatpkg:apk/chainguard/cni-plugins-fips-tuningpkg:apk/chainguard/cni-plugins-fips-tuning-compatpkg:apk/chainguard/cni-plugins-fips-vlanpkg:apk/chainguard/cni-plugins-fips-vlan-compatpkg:golang/github.com/containernetworking/pluginspkg:rpm/almalinux/libslirppkg:rpm/almalinux/libslirp-develpkg:rpm/almalinux/python-podman-apipkg:rpm/opensuse/cni-plugins&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/cni-plugins&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/cni-plugins&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cni-plugins&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1pkg:rpm/suse/cni-plugins&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2pkg:rpm/suse/cni-plugins&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015pkg:rpm/suse/cni-plugins&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1
< 0+ 46 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.8.6
- (no CPE)range: < 4.3.1-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 4.3.1-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 1.2.0-0.2.gitd0a45fe.module_el8.5.0+2635+e4386a39
- (no CPE)range: < 0.8.6-lp151.2.6.1
- (no CPE)range: < 0.8.6-lp152.2.4.1
- (no CPE)range: < 0.9.1-1.3
- (no CPE)range: < 0.8.6-3.6.1
- (no CPE)range: < 0.8.6-3.6.1
- (no CPE)range: < 0.8.6-150000.1.7.1
- (no CPE)range: < 0.8.6-3.6.1
- Red Hat/containernetworking/pluginsv5Range: all containernetworking/plugins versions before version 0.8.6
Patches
Vulnerability mechanics
References
10- lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.htmlghsavendor-advisoryx_refsource_SUSEWEB
- lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.htmlghsavendor-advisoryx_refsource_SUSEWEB
- github.com/advisories/GHSA-fx6x-h9g4-56f8ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2020-10749ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/containernetworking/plugins/releases/tag/v0.8.6ghsaWEB
- groups.google.com/forum/ghsaWEB
- groups.google.com/forum/mitrex_refsource_MISC
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJCghsaWEB
News mentions
0No linked articles in our index yet.