apk package
chainguard/hubble-ui-backend-fips
pkg:apk/chainguard/hubble-ui-backend-fips
Vulnerabilities (82)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45289 | Med | 4.3 | < 0.13.0-r1 | 0.13.0-r1 | Mar 5, 2024 | When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorizati | |
| CVE-2020-8559 | — | < 0.13.2-r2 | 0.13.2-r2 | Jul 22, 2020 | The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. |
- affected < 0.13.0-r1fixed 0.13.0-r1
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorizati
- CVE-2020-8559Jul 22, 2020affected < 0.13.2-r2fixed 0.13.2-r2
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
Page 5 of 5