{"id":"CVE-2020-8551","details":"The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.","aliases":["GHSA-qhm4-jxv7-j9pq","GO-2022-0867"],"modified":"2026-03-23T05:04:43.183365296Z","published":"2020-03-27T15:15:12.647Z","related":["CGA-6h55-ccq7-qxwx","openSUSE-SU-2025:15424-1"],"references":[{"type":"WEB","url":"https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200413-0003/"},{"type":"FIX","url":"https://github.com/kubernetes/kubernetes/issues/89377"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529"},{"last_affected":"2e808b7cb054ee242b68e62455323aa783991f03"},{"introduced":"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77"},{"last_affected":"72c30166b2105cd7d3350f2c28a219e6abcd79eb"},{"introduced":"70132b0f130acc0bed193d9ba59dd186f0e634cf"},{"last_affected":"59603c6e503c87169aea6106f57b9f242f64df89"}],"database_specific":{"versions":[{"introduced":"1.15.0"},{"last_affected":"1.15.9"},{"introduced":"1.16.0"},{"last_affected":"1.16.6"},{"introduced":"1.17.0"},{"last_affected":"1.17.2"}]}}],"versions":["v1.15.0","v1.15.1","v1.15.1-beta.0","v1.15.2","v1.15.2-beta.0","v1.15.3","v1.15.3-beta.0","v1.15.4","v1.15.4-beta.0","v1.15.5","v1.15.5-beta.0","v1.15.6","v1.15.6-beta.0","v1.15.7","v1.15.7-beta.0","v1.15.8","v1.15.8-beta.0","v1.15.8-beta.1","v1.15.9","v1.15.9-beta.0","v1.16.0","v1.16.1","v1.16.1-beta.0","v1.16.2","v1.16.2-beta.0","v1.16.3","v1.16.3-beta.0","v1.16.4","v1.16.4-beta.0","v1.16.5","v1.16.5-beta.0","v1.16.5-beta.1","v1.16.6","v1.16.6-beta.0","v1.17.0","v1.17.1","v1.17.1-beta.0","v1.17.2","v1.17.2-beta.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"32"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8551.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}