Oval Definition:	oval:org.opensuse.security:def:20181002102
Revision Date: 2022-05-22 Version: 1 Title: CVE-2018-1002102 Description: Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2018-1002102 SUSE CVE-2018-1002102 Platform(s): SUSE CaaS Platform 4.0 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 Product(s): Definition Synopsis SUSE CaaS Platform 4.0 is installed AND Package Information kubernetes-client is not affected OR kubernetes-common is not affected OR kubernetes-kubeadm is not affected OR kubernetes-kubelet is not affected Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 is installed OR SUSE Linux Enterprise Module for Public Cloud 12 is installed OR SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND kubernetes-client is not affected
BACK