data/reports/GO-2021-0064.yaml - vulndb - Git at Google

 modules:
   - module: k8s.io/client-go
     versions:
       - fixed: 0.20.0-alpha.2
     packages:
       - package: k8s.io/client-go/transport
         symbols:
           - requestInfo.toCurl
   - module: k8s.io/kubernetes
     versions:
       - fixed: 1.20.0-alpha.2
     packages:
       - package: k8s.io/kubernetes/staging/src/k8s.io/client-go/transport
         symbols:
           - requestInfo.toCurl
 description: |
     Authorization tokens may be inappropriately logged if the verbosity
     level is set to a debug level.
 published: 2021-04-14T20:04:52Z
 cves:
   - CVE-2020-8565
 credit: '@sfowl'
 references:
   - fix: https://github.com/kubernetes/kubernetes/pull/95316
   - fix: https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419
   - web: https://github.com/kubernetes/kubernetes/issues/95623
	modules:
	- module: k8s.io/client-go
	versions:
	- fixed: 0.20.0-alpha.2
	packages:
	- package: k8s.io/client-go/transport
	symbols:
	- requestInfo.toCurl
	- module: k8s.io/kubernetes
	versions:
	- fixed: 1.20.0-alpha.2
	packages:
	- package: k8s.io/kubernetes/staging/src/k8s.io/client-go/transport
	symbols:
	- requestInfo.toCurl
	description: \|
	Authorization tokens may be inappropriately logged if the verbosity
	level is set to a debug level.
	published: 2021-04-14T20:04:52Z
	cves:
	- CVE-2020-8565
	credit: '@sfowl'
	references:
	- fix: https://github.com/kubernetes/kubernetes/pull/95316
	- fix: https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419
	- web: https://github.com/kubernetes/kubernetes/issues/95623