blob: 007e78b82da65181afb25653264b0c3a59338ccb [file] [log] [blame]
module = "k8s.io/client-go"
package = "k8s.io/client-go/transport"
description = """
Authorization tokens may be inappropriately logged if the verbosity
level is set to a debug level.
"""
cve = "CVE-2019-11250"
symbols = ["debuggingRoundTripper.RoundTrip"]
[[versions]]
fixed = "v0.17.0"
[[additional_packages]]
module = "k8s.io/kubernetes"
package = "k8s.io/kubernetes/staging/src/k8s.io/client-go/transport"
symbols = ["debuggingRoundTripper.RoundTrip"]
[[additional_packages.versions]]
fixed = "v1.16.0-beta.1"
[links]
commit = "https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245"
pr = "https://github.com/kubernetes/kubernetes/pull/81330"
context = ["https://github.com/kubernetes/kubernetes/issues/81114"]
# This is a really confusing one to classify becuase of how kubernetes
# does their vendoring stuff.