GCVE - cpe:2.3:a:kubernetes:kubernetes:1.18.0:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kubernetes:kubernetes:1.18.0:-:*:*:*:*:*:*

part: a version: 1.18.0 update: -

Vendor	Kubernetes (`3ee05930-9e42-51b2-ad52-30832f573b15`)
Product	Kubernetes (`1a2d2535-9ff1-599e-92b3-aa33ed592780`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:code.google/kubernetes`	purl2cpe	2026-06-01 10:13:27.661285
`pkg:github/kubernetes/kubernetes`	purl2cpe	2026-06-01 10:13:27.661287

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-8555`	vulnerable	2026-06-03 14:43:09.643773	Kubernetes kube-controller-manager SSRF MEDIUM (6.3) The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services). Published: 2020-06-04T21:50:11.749Z Updated: 2024-09-16T18:39:58.006Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2020/06/01/4 https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion https://github.com/kubernetes/kubernetes/issues/91542 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/ https://security.netapp.com/advisory/ntap-20200724-0005/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.