GCVE - cpe:2.3:a:kubernetes:kubernetes-csi_external-resizer:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kubernetes:kubernetes-csi_external-resizer:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kubernetes (`3ee05930-9e42-51b2-ad52-30832f573b15`)
Product	Kubernetes Csi External Resizer (`e8db1a8d-4f8c-5c8a-b541-221565517a37`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-11255`	vulnerable	2026-06-03 14:39:32.584034	Kubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation MEDIUM (4.8) Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized PersistentVolume data access or volume mutation during snapshot, restore from snapshot, cloning and resizing operations. Published: 2019-12-05T16:05:18.735Z Updated: 2024-09-16T23:05:20.635Z Open on db.gcve.eu Reference links https://github.com/kubernetes/kubernetes/issues/85233 https://groups.google.com/forum/#%21topic/kubernetes-security-announce/aXiYN0q4uIw https://access.redhat.com/errata/RHSA-2019:4099 https://access.redhat.com/errata/RHSA-2019:4096 https://access.redhat.com/errata/RHSA-2019:4054	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.