CVE-2019-17110: Exposure of Sensitive Information to an Unauthorized Actor in kube-state-metrics
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-10223. Reason: This candidate is a duplicate of CVE-2019-10223. Notes: All CVE users should reference CVE-2019-10223 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
- github.com/advisories/GHSA-2v6x-frw8-7r7f
- github.com/kubernetes/kube-state-metrics/commit/03122fe3e2df49a9a7298b8af921d3c37c430f7f
- github.com/kubernetes/kube-state-metrics/commit/2a9ab3a9a0f1c4dbecb6a5577185b33bfac86a96
- github.com/kubernetes/kube-state-metrics/releases/tag/v1.7.2
- nvd.nist.gov/vuln/detail/CVE-2019-17110
Code Behaviors & Features
Detect and mitigate CVE-2019-17110 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →