[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-1002105":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":48,"duplicate_of":9,"upstream":51,"downstream":52,"duplicates":79,"related":80,"reserved_at":9,"published_at":86,"modified_at":87,"state":88,"summary":89,"references_raw":96,"kevs":243,"epss":244,"epss_history":247,"metrics":454,"affected":467},"CVE-2018-1002105","In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-388","7PK - Errors","This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that occur when an application does not properly handle errors that occur during processing. According to the authors of the Seven Pernicious Kingdoms, \"Errors and error handling represent a class of API. Errors related to error handling are so common that they deserve a special kingdom of their own. As with 'API Abuse,' there are two ways to introduce an error-related security vulnerability: the most common one is handling errors poorly (or not at all). The second is producing errors that either give out too much information (to possible attackers) or are difficult to handle.\"","category","Draft",[],[19,28,40],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_EVICT_POC_CVE-2018-1002105","Poc Cve 2018 1002105","github","https://github.com/evict/poc_CVE-2018-1002105","poc",0.3,false,[],{"_key":29,"name":30,"source":31,"url":32,"maturity":24,"reliability_score":33,"verified":26,"type":34,"platforms":35,"requires_auth":9,"exploitdb":37,"metasploit":9},"46053","Kubernetes - (Authenticated) Arbitrary Requests","exploit-database","https://www.exploit-db.com/exploits/46053",0.5,"remote",[36],"multiple",{"verified":26,"type":34,"platform":36,"file":38,"codes":39},"exploits/multiple/remote/46053.py",[7],{"_key":41,"name":42,"source":31,"url":43,"maturity":24,"reliability_score":33,"verified":26,"type":34,"platforms":44,"requires_auth":9,"exploitdb":45,"metasploit":9},"46052","Kubernetes - (Unauthenticated) Arbitrary Requests","https://www.exploit-db.com/exploits/46052",[36],{"verified":26,"type":34,"platform":36,"file":46,"codes":47},"exploits/multiple/remote/46052.py",[7],[49,50],"GHSA-579h-mv94-g4gp","GO-2022-0792",[],[53,55,57,59,61,63,65,67,69,71,73,75,77],{"_key":54},"UBUNTU-CVE-2018-1002105",{"_key":56},"OPENSUSE-SU-2020:0554-1",{"_key":58},"DEBIAN-CVE-2018-1002105",{"_key":60},"RHSA-2018:2906",{"_key":62},"RHSA-2018:2908",{"_key":64},"RHSA-2018:3537",{"_key":66},"RHSA-2018:3549",{"_key":68},"RHSA-2018:3551",{"_key":70},"RHSA-2018:3598",{"_key":72},"RHSA-2018:3624",{"_key":74},"RHSA-2018:3742",{"_key":76},"RHSA-2018:3752",{"_key":78},"RHSA-2018:3754",[],[81,82,84],{"_key":56},{"_key":83},"CGA-3M3M-CW2J-CPVJ",{"_key":85},"CGA-PR5Q-V7CV-4H5G","2018-12-05T21:00:00.000Z","2024-08-05T12:47:57.159Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":90,"epss_score":91,"severity":90,"severity_score":92,"severity_version":93,"severity_source":94,"severity_vector":95,"severity_status":88},"critical",0.90189,9.8,"v3.0","cve.org","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[97,103,111,119,123,127,131,137,144,148,152,156,159,163,167,172,176,182,186,190,195,200,205,209,213,217,221,224,227,231,235,239],{"url":98,"sources":99,"tags":101},"https://groups.google.com/forum/#%21topic/kubernetes-announce/GVllWCg6L88",[94,100],"nvd",[102],"X Refsource CONFIRM",{"url":104,"sources":105,"tags":106},"https://www.exploit-db.com/exploits/46053/",[94,100],[107,108,109,110],"Exploit","X Refsource EXPLOIT DB","Third Party Advisory","VDB Entry",{"url":112,"sources":113,"tags":115},"https://access.redhat.com/errata/RHSA-2018:3549",[94,100,114],"osv_go",[116,117,109,118],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":120,"sources":121,"tags":122},"https://access.redhat.com/errata/RHSA-2018:3752",[94,100,114],[116,117,109,118],{"url":124,"sources":125,"tags":126},"https://www.exploit-db.com/exploits/46052/",[94,100],[107,108,109,110],{"url":128,"sources":129,"tags":130},"https://access.redhat.com/errata/RHSA-2018:3624",[94,100,114],[116,117,109,118],{"url":132,"sources":133,"tags":134},"https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do",[94,100,114],[135,136,109,118],"X Refsource MISC","Mitigation",{"url":138,"sources":139,"tags":140},"https://github.com/kubernetes/kubernetes/issues/71411",[94,100,114],[102,141,136,142,109,118,143],"Issue Tracking","Patch","REPORT",{"url":145,"sources":146,"tags":147},"https://access.redhat.com/errata/RHSA-2018:3742",[94,100,114],[116,117,109,118],{"url":149,"sources":150,"tags":151},"https://access.redhat.com/errata/RHSA-2018:3754",[94,100,114],[116,117,109,118],{"url":153,"sources":154,"tags":155},"https://access.redhat.com/errata/RHSA-2018:3537",[94,100,114],[116,117,109,118],{"url":23,"sources":157,"tags":158},[94,100,114],[135,107,109,118],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/errata/RHSA-2018:3598",[94,100,114],[116,117,109,118],{"url":164,"sources":165,"tags":166},"https://access.redhat.com/errata/RHSA-2018:3551",[94,100,114],[116,117,109,118],{"url":168,"sources":169,"tags":170},"http://www.securityfocus.com/bid/106068",[94,100],[110,171,109],"X Refsource BID",{"url":173,"sources":174,"tags":175},"https://security.netapp.com/advisory/ntap-20190416-0001/",[94,100],[102,109],{"url":177,"sources":178,"tags":179},"http://www.openwall.com/lists/oss-security/2019/06/28/2",[94,100],[180,181],"Mailing List","X Refsource MLIST",{"url":183,"sources":184,"tags":185},"http://www.openwall.com/lists/oss-security/2019/07/06/3",[94,100],[180,181],{"url":187,"sources":188,"tags":189},"http://www.openwall.com/lists/oss-security/2019/07/06/4",[94,100],[180,181],{"url":191,"sources":192,"tags":193},"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html",[94,100],[116,194],"X Refsource SUSE",{"url":196,"sources":197,"tags":198},"https://nvd.nist.gov/vuln/detail/CVE-2018-1002105",[114],[199],"Advisory",{"url":201,"sources":202,"tags":203},"https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905",[114],[118,204],"FIX",{"url":206,"sources":207,"tags":208},"https://www.securityfocus.com/bid/106068",[114],[118],{"url":210,"sources":211,"tags":212},"https://www.openwall.com/lists/oss-security/2019/07/06/4",[114],[118],{"url":214,"sources":215,"tags":216},"https://www.openwall.com/lists/oss-security/2019/07/06/3",[114],[118],{"url":218,"sources":219,"tags":220},"https://www.openwall.com/lists/oss-security/2019/06/28/2",[114],[118],{"url":32,"sources":222,"tags":223},[114],[118],{"url":43,"sources":225,"tags":226},[114],[118],{"url":228,"sources":229,"tags":230},"https://security.netapp.com/advisory/ntap-20190416-0001",[114],[118],{"url":232,"sources":233,"tags":234},"https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html",[114],[118],{"url":236,"sources":237,"tags":238},"https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88",[114],[118],{"url":240,"sources":241,"tags":242},"https://github.com/advisories/GHSA-579h-mv94-g4gp",[114],[199],[],{"date":245,"score":91,"percentile":246},"2026-06-03",0.99608,[248,252,255,257,260,262,265,267,269,271,273,275,277,279,281,285,287,289,292,295,297,299,301,303,305,307,309,311,315,317,320,322,324,326,328,330,332,334,336,338,340,342,344,346,349,351,353,355,358,360,362,364,366,368,371,374,376,378,381,384,386,389,391,393,395,397,399,401,403,405,407,410,412,415,417,420,422,424,426,428,430,433,436,438,441,443,445,447,449,451],{"date":249,"score":250,"percentile":251},"2025-11-04",0.90698,0.99591,{"date":253,"score":250,"percentile":254},"2025-11-05",0.9959,{"date":256,"score":250,"percentile":254},"2025-11-06",{"date":258,"score":250,"percentile":259},"2025-11-07",0.99589,{"date":261,"score":250,"percentile":259},"2025-11-08",{"date":263,"score":250,"percentile":264},"2025-11-09",0.99588,{"date":266,"score":250,"percentile":264},"2025-11-10",{"date":268,"score":250,"percentile":264},"2025-11-11",{"date":270,"score":250,"percentile":259},"2025-11-12",{"date":272,"score":250,"percentile":264},"2025-11-13",{"date":274,"score":250,"percentile":264},"2025-11-14",{"date":276,"score":250,"percentile":264},"2025-11-15",{"date":278,"score":250,"percentile":264},"2025-11-16",{"date":280,"score":250,"percentile":264},"2025-11-17",{"date":282,"score":283,"percentile":284},"2025-11-18",0.82095,0.99288,{"date":286,"score":283,"percentile":284},"2025-11-19",{"date":288,"score":283,"percentile":284},"2025-11-20",{"date":290,"score":250,"percentile":291},"2025-11-21",0.99586,{"date":293,"score":250,"percentile":294},"2025-11-22",0.99587,{"date":296,"score":250,"percentile":294},"2025-11-23",{"date":298,"score":250,"percentile":291},"2025-11-24",{"date":300,"score":250,"percentile":291},"2025-11-25",{"date":302,"score":250,"percentile":291},"2025-11-26",{"date":304,"score":250,"percentile":294},"2025-11-27",{"date":306,"score":250,"percentile":294},"2025-11-28",{"date":308,"score":250,"percentile":291},"2025-11-29",{"date":310,"score":250,"percentile":294},"2025-11-30",{"date":312,"score":313,"percentile":314},"2025-12-01",0.89863,0.99551,{"date":316,"score":313,"percentile":314},"2025-12-02",{"date":318,"score":313,"percentile":319},"2025-12-03",0.99552,{"date":321,"score":250,"percentile":259},"2025-12-04",{"date":323,"score":250,"percentile":254},"2025-12-05",{"date":325,"score":250,"percentile":254},"2025-12-06",{"date":327,"score":250,"percentile":254},"2025-12-07",{"date":329,"score":250,"percentile":251},"2025-12-08",{"date":331,"score":250,"percentile":251},"2025-12-09",{"date":333,"score":250,"percentile":251},"2025-12-10",{"date":335,"score":250,"percentile":251},"2025-12-11",{"date":337,"score":250,"percentile":251},"2025-12-12",{"date":339,"score":250,"percentile":251},"2025-12-13",{"date":341,"score":250,"percentile":251},"2025-12-14",{"date":343,"score":250,"percentile":254},"2025-12-15",{"date":345,"score":250,"percentile":251},"2025-12-16",{"date":347,"score":250,"percentile":348},"2025-12-17",0.99592,{"date":350,"score":250,"percentile":348},"2025-12-18",{"date":352,"score":250,"percentile":348},"2025-12-19",{"date":354,"score":250,"percentile":348},"2025-12-20",{"date":356,"score":250,"percentile":357},"2025-12-21",0.99593,{"date":359,"score":250,"percentile":357},"2025-12-22",{"date":361,"score":250,"percentile":357},"2025-12-23",{"date":363,"score":250,"percentile":357},"2025-12-24",{"date":365,"score":250,"percentile":357},"2025-12-25",{"date":367,"score":250,"percentile":357},"2025-12-26",{"date":369,"score":250,"percentile":370},"2025-12-27",0.99596,{"date":372,"score":250,"percentile":373},"2025-12-28",0.99594,{"date":375,"score":250,"percentile":373},"2025-12-29",{"date":377,"score":250,"percentile":373},"2025-12-30",{"date":379,"score":250,"percentile":380},"2025-12-31",0.99595,{"date":382,"score":313,"percentile":383},"2026-01-01",0.99558,{"date":385,"score":313,"percentile":383},"2026-01-02",{"date":387,"score":313,"percentile":388},"2026-01-03",0.99559,{"date":390,"score":250,"percentile":370},"2026-01-04",{"date":392,"score":250,"percentile":370},"2026-01-05",{"date":394,"score":250,"percentile":370},"2026-01-06",{"date":396,"score":250,"percentile":370},"2026-01-07",{"date":398,"score":250,"percentile":370},"2026-01-08",{"date":400,"score":250,"percentile":370},"2026-01-09",{"date":402,"score":250,"percentile":370},"2026-01-10",{"date":404,"score":250,"percentile":370},"2026-01-11",{"date":406,"score":250,"percentile":370},"2026-01-12",{"date":408,"score":250,"percentile":409},"2026-01-13",0.99597,{"date":411,"score":250,"percentile":409},"2026-01-14",{"date":413,"score":250,"percentile":414},"2026-01-15",0.99598,{"date":416,"score":250,"percentile":414},"2026-01-16",{"date":418,"score":250,"percentile":419},"2026-01-17",0.99599,{"date":421,"score":250,"percentile":409},"2026-01-18",{"date":423,"score":250,"percentile":409},"2026-01-19",{"date":425,"score":250,"percentile":414},"2026-01-20",{"date":427,"score":250,"percentile":414},"2026-01-21",{"date":429,"score":250,"percentile":414},"2026-01-22",{"date":431,"score":250,"percentile":432},"2026-01-23",0.996,{"date":434,"score":250,"percentile":435},"2026-01-24",0.99601,{"date":437,"score":250,"percentile":435},"2026-01-25",{"date":439,"score":250,"percentile":440},"2026-01-26",0.99602,{"date":442,"score":250,"percentile":440},"2026-01-27",{"date":444,"score":250,"percentile":440},"2026-01-28",{"date":446,"score":250,"percentile":440},"2026-01-29",{"date":448,"score":250,"percentile":440},"2026-01-30",{"date":450,"score":250,"percentile":440},"2026-01-31",{"date":452,"score":313,"percentile":453},"2026-02-01",0.99568,[455,459,465],{"source":94,"cvss_v2_0":9,"cvss_v3_0":456,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":92,"baseSeverity":457,"vectorString":95,"impactScore":92,"exploitabilityScore":458},"CRITICAL",10,{"source":100,"cvss_v2_0":460,"cvss_v3_0":464,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":461,"baseSeverity":9,"vectorString":462,"impactScore":463,"exploitabilityScore":458},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,{"baseScore":92,"baseSeverity":457,"vectorString":95,"impactScore":92,"exploitabilityScore":458},{"source":114,"cvss_v2_0":9,"cvss_v3_0":466,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":92,"baseSeverity":9,"vectorString":95,"impactScore":92,"exploitabilityScore":458},[468,490,540,546],{"ecosystem":469,"name":470,"vendor":471,"product":472,"cpe_part":9,"purl_type":473,"purl_namespace":471,"purl_name":472,"source":9,"versions":474},"Go","github.com/kubernetes/kubernetes","github.com/kubernetes","kubernetes","golang",[475,481,486],{"version":476,"is_range":477,"range_type":478,"version_start":9,"version_start_type":9,"version_end":479,"version_end_type":480,"fixed_in":9},"lt1_10_11",true,"semver","1.10.11","excluding",{"version":482,"is_range":477,"range_type":478,"version_start":483,"version_start_type":484,"version_end":485,"version_end_type":480,"fixed_in":9},"gte1_11_0_lt1_11_5","1.11.0","including","1.11.5",{"version":487,"is_range":477,"range_type":478,"version_start":488,"version_start_type":484,"version_end":489,"version_end_type":480,"fixed_in":9},"gte1_12_0_lt1_12_3","1.12.0","1.12.3",{"ecosystem":9,"name":472,"vendor":472,"product":472,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":492},"a",[493,498,502,505,508,510,512,514,516,518,520,522,524,526,528,530,534,537],{"version":494,"is_range":477,"range_type":495,"version_start":496,"version_start_type":484,"version_end":497,"version_end_type":484,"fixed_in":9},"gte1.0.0_lte1.9.11","cpe","1.0.0","1.9.11",{"version":499,"is_range":477,"range_type":495,"version_start":500,"version_start_type":484,"version_end":501,"version_end_type":484,"fixed_in":9},"gte1.10.0_lte1.10.10","1.10.0","1.10.10",{"version":503,"is_range":477,"range_type":495,"version_start":483,"version_start_type":484,"version_end":504,"version_end_type":484,"fixed_in":9},"gte1.11.0_lte1.11.4","1.11.4",{"version":506,"is_range":477,"range_type":495,"version_start":488,"version_start_type":484,"version_end":507,"version_end_type":484,"fixed_in":9},"gte1.12.0_lte1.12.2","1.12.2",{"version":509,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.12:beta0",{"version":511,"is_range":26,"range_type":94,"version_start":511,"version_start_type":484,"version_end":511,"version_end_type":484,"fixed_in":9},"v1.0.x",{"version":513,"is_range":26,"range_type":94,"version_start":513,"version_start_type":484,"version_end":513,"version_end_type":484,"fixed_in":9},"v1.1.x",{"version":515,"is_range":26,"range_type":94,"version_start":515,"version_start_type":484,"version_end":515,"version_end_type":484,"fixed_in":9},"v1.2.x",{"version":517,"is_range":26,"range_type":94,"version_start":517,"version_start_type":484,"version_end":517,"version_end_type":484,"fixed_in":9},"v1.3.x",{"version":519,"is_range":26,"range_type":94,"version_start":519,"version_start_type":484,"version_end":519,"version_end_type":484,"fixed_in":9},"v1.4.x",{"version":521,"is_range":26,"range_type":94,"version_start":521,"version_start_type":484,"version_end":521,"version_end_type":484,"fixed_in":9},"v1.5.x",{"version":523,"is_range":26,"range_type":94,"version_start":523,"version_start_type":484,"version_end":523,"version_end_type":484,"fixed_in":9},"v1.6.x",{"version":525,"is_range":26,"range_type":94,"version_start":525,"version_start_type":484,"version_end":525,"version_end_type":484,"fixed_in":9},"v1.7.x",{"version":527,"is_range":26,"range_type":94,"version_start":527,"version_start_type":484,"version_end":527,"version_end_type":484,"fixed_in":9},"v1.8.x",{"version":529,"is_range":26,"range_type":94,"version_start":529,"version_start_type":484,"version_end":529,"version_end_type":484,"fixed_in":9},"v1.9.x",{"version":531,"is_range":477,"range_type":94,"version_start":532,"version_start_type":484,"version_end":533,"version_end_type":480,"fixed_in":9},">= unspecified, \u003C v1.10.11","unspecified","v1.10.11",{"version":535,"is_range":477,"range_type":94,"version_start":532,"version_start_type":484,"version_end":536,"version_end_type":480,"fixed_in":9},">= unspecified, \u003C v1.11.5","v1.11.5",{"version":538,"is_range":477,"range_type":94,"version_start":532,"version_start_type":484,"version_end":539,"version_end_type":480,"fixed_in":9},">= unspecified, \u003C v1.12.3","v1.12.3",{"ecosystem":9,"name":541,"vendor":542,"product":541,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"trident","netapp",[544],{"version":545,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":547,"vendor":548,"product":549,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":550},"openshift container platform","redhat","openshift_container_platform",[551,553,555,557,559,561,563,565],{"version":552,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2",{"version":554,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.3",{"version":556,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.4",{"version":558,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.5",{"version":560,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.6",{"version":562,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.8",{"version":564,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.10",{"version":566,"is_range":26,"range_type":495,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11"]