Addressing [CVE-2018-18264] and Kubernetes API Server external IP address proxying

jambajaar · January 4, 2019, 5:51pm

Kubernetes has announced couple of patches to address recently discovered security vulnerabilities for both kubernetes and the kubernetes dashboard:

[CVE-2018-18264] Accessing custom TLS certs via the kubernetes dashboard
Kubernetes API server external IP address proxying

For more details on the announcement, see:

At Rancher, we want to make sure you are always updated with the latest security fixes and patches so the updated kubernetes versions v1.10.12, v1.11.6, and v1.12.4 that address this issue will be made available in Rancher v2.1.5 and v2.0.10. There are no new Rancher v1.6 versions for these vulnerabilities because standard v1.6.x installations are not affected.

For more details of how these vulnerabilities may apply to you, please visit this Rancher blog post:

Topic		Replies	Views
Rancher Release v2.4.16 - Addresses CVE-2021-31999, CVE-2021-25318, and CVE-2021-25320 Announcements	3	2265	August 9, 2021
Rancher Release - v2.1.12 - Addresses Kubernetes CVE-2019-11247 and CVE-2019-11249 and Rancher CVE-2019-14435 and CVE-2019-14436 Announcements	1	965	August 7, 2019
Release v2.4.4 - Addresses Kubernetes Security Announcement Announcements	0	1263	June 2, 2020
Rancher Release - v2.2.7 - Addresses Kubernetes CVE-2019-11247 and CVE-2019-11249 and Rancher CVE-2019-14435 and CVE-2019-14436 Announcements	1	1110	August 7, 2019
Rancher Release v2.4.14 - Addresses CVE-2021-25313 Announcements	1	1005	March 4, 2021

Addressing [CVE-2018-18264] and Kubernetes API Server external IP address proxying

Related Topics