{"id":"GO-2022-0890","summary":"Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes","details":"Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes","aliases":["CVE-2020-8555","GHSA-x6mj-w4jf-jmgw"],"modified":"2026-02-04T03:55:26.305499Z","published":"2024-08-21T15:29:08Z","related":["CGA-rmpf-8rm4-w234"],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0890","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-x6mj-w4jf-jmgw"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2020/06/01/4"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2021/05/04/8"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/issues/91542"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/89794"},{"type":"WEB","url":"https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20200724-0005"}],"affected":[{"package":{"name":"k8s.io/kubernetes","ecosystem":"Go","purl":"pkg:golang/k8s.io/kubernetes"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.15.12"},{"introduced":"1.16.0"},{"fixed":"1.16.9"},{"introduced":"1.17.0"},{"fixed":"1.17.4"},{"introduced":"1.18.0"},{"fixed":"1.18.1"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0890.json"}}],"schema_version":"1.7.3"}