Heads up, this is a critical Kubernetes security vulnerability that can be exploited without any credentials via a network vector and without leaving a trace.
It fixes Kubernetes issue 71411 [1]: CVE-2018-1002105: proxy request handling in kube-apiserver can leave vulnerable TCP connections.
1 comment
[ 3.2 ms ] story [ 17.7 ms ] threadIt fixes Kubernetes issue 71411 [1]: CVE-2018-1002105: proxy request handling in kube-apiserver can leave vulnerable TCP connections.
https://github.com/kubernetes/kubernetes/issues/71411