{"id":"CVE-2020-10749","details":"A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.","aliases":["GHSA-fx6x-h9g4-56f8","GO-2023-1915"],"modified":"2026-04-10T04:21:34.537184Z","published":"2020-06-03T14:15:12.470Z","related":["ALSA-2020:4694","CGA-wghg-4jq2-6hfj","SUSE-SU-2020:1957-1","SUSE-SU-2022:4151-1","openSUSE-SU-2020:1049-1","openSUSE-SU-2020:1050-1","openSUSE-SU-2024:10689-1"],"references":[{"type":"WEB","url":"https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/containernetworking/plugins","events":[{"introduced":"0"},{"fixed":"ad10b6fa91aacd720f1f9ab94341a97a82a24965"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.8.6"}]}}],"versions":["v0.6.0","v0.6.0-rc1","v0.6.0-rc2","v0.7.0","v0.7.0-rc1","v0.7.0-rc2","v0.8.0","v0.8.1","v0.8.2","v0.8.3","v0.8.4","v0.8.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10749.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}]}