{"id":"CVE-2020-8555","details":"The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).","aliases":["GHSA-x6mj-w4jf-jmgw","GO-2022-0890"],"modified":"2026-04-10T04:28:25.389550Z","published":"2020-06-05T17:15:11.640Z","related":["CGA-rmpf-8rm4-w234","openSUSE-SU-2025:15424-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2020/06/01/4"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/05/04/8"},{"type":"ADVISORY","url":"https://github.com/kubernetes/kubernetes/issues/91542"},{"type":"ADVISORY","url":"https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200724-0005/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"0"},{"fixed":"d94a81c724ea8e1ccc9002d89b7fe81d58f89ede"},{"introduced":"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77"},{"fixed":"a17149e1a189050796ced469dbd78d380f2ed5ef"},{"introduced":"70132b0f130acc0bed193d9ba59dd186f0e634cf"},{"fixed":"e0fccafd69541e3750d460ba0f9743b90336f24f"},{"introduced":"0"},{"last_affected":"9e991415386e4cf155a24b1da15becaa390438d8"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.15.11"},{"introduced":"1.16.0"},{"fixed":"1.16.9"},{"introduced":"1.17.0"},{"fixed":"1.17.5"},{"introduced":"0"},{"last_affected":"1.18.0-NA"}]}}],"versions":["v0.13.1-dev","v0.17.0","v1.1.0-alpha.0","v1.1.0-alpha.1","v1.10.0-alpha.0","v1.10.0-alpha.1","v1.10.0-alpha.2","v1.10.0-alpha.3","v1.11.0-alpha.0","v1.11.0-alpha.1","v1.11.0-alpha.2","v1.12.0-alpha.0","v1.12.0-alpha.1","v1.13.0-alpha.0","v1.13.0-alpha.1","v1.13.0-alpha.2","v1.13.0-alpha.3","v1.14.0-alpha.0","v1.14.0-alpha.1","v1.14.0-alpha.2","v1.14.0-alpha.3","v1.15.0","v1.15.0-alpha.0","v1.15.0-alpha.1","v1.15.0-alpha.2","v1.15.0-alpha.3","v1.15.0-beta.0","v1.15.0-beta.1","v1.15.0-beta.2","v1.15.0-rc.1","v1.15.1","v1.15.1-beta.0","v1.15.10","v1.15.10-beta.0","v1.15.11-beta.0","v1.15.2","v1.15.2-beta.0","v1.15.3","v1.15.3-beta.0","v1.15.4","v1.15.4-beta.0","v1.15.5","v1.15.5-beta.0","v1.15.6","v1.15.6-beta.0","v1.15.7","v1.15.7-beta.0","v1.15.8","v1.15.8-beta.0","v1.15.8-beta.1","v1.15.9","v1.15.9-beta.0","v1.16.0","v1.16.0-alpha.0","v1.16.0-alpha.1","v1.16.0-alpha.2","v1.16.0-alpha.3","v1.16.1","v1.16.1-beta.0","v1.16.2","v1.16.2-beta.0","v1.16.3","v1.16.3-beta.0","v1.16.4","v1.16.4-beta.0","v1.16.5","v1.16.5-beta.0","v1.16.5-beta.1","v1.16.6","v1.16.6-beta.0","v1.16.7","v1.16.7-beta.0","v1.16.8","v1.16.8-beta.0","v1.16.9-beta.0","v1.17.0","v1.17.0-alpha.0","v1.17.0-alpha.1","v1.17.0-alpha.2","v1.17.0-alpha.3","v1.17.1","v1.17.1-beta.0","v1.17.2","v1.17.2-beta.0","v1.17.3","v1.17.3-beta.0","v1.17.4","v1.17.4-beta.0","v1.17.5-beta.0","v1.18.0","v1.18.0-alpha.0","v1.18.0-alpha.1","v1.18.0-alpha.2","v1.18.0-alpha.4","v1.18.0-alpha.5","v1.18.0-beta.0","v1.18.0-beta.1","v1.18.0-beta.2","v1.18.0-rc.1","v1.19.0-alpha.0","v1.2.0-alpha.1","v1.2.0-alpha.2","v1.2.0-alpha.3","v1.2.0-alpha.4","v1.2.0-alpha.5","v1.2.0-alpha.6","v1.2.0-alpha.7","v1.2.0-alpha.8","v1.3.0-alpha.0","v1.3.0-alpha.1","v1.3.0-alpha.2","v1.3.0-alpha.3","v1.3.0-alpha.4","v1.3.0-alpha.5","v1.4.0-alpha.1","v1.4.0-alpha.2","v1.4.0-alpha.3","v1.5.0-alpha.0","v1.5.0-alpha.1","v1.5.0-alpha.2","v1.6.0-alpha.0","v1.6.0-alpha.1","v1.6.0-alpha.2","v1.6.0-alpha.3","v1.7.0-alpha.0","v1.7.0-alpha.1","v1.7.0-alpha.2","v1.7.0-alpha.3","v1.7.0-alpha.4","v1.8.0-alpha.0","v1.8.0-alpha.1","v1.8.0-alpha.2","v1.8.0-alpha.3","v1.9.0-alpha.0","v1.9.0-alpha.1","v1.9.0-alpha.2","v1.9.0-alpha.3"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"32"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8555.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}]}