CVE-2019-3682 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-3682 Interim 1 6 2025-02-17T02:21:35Z current 2021-05-30T14:22:31Z 2025-02-17T02:21:35Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-3682 The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2019-February/005125.html E-Mail link for SUSE-SU-2019:0416-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 3.0 docker-kubic-17.09.1_ce-7.6.1 kubernetes-salt-3.0.0+git_r931_9cdca5a-3.47.1 sles12-velum-image-3.1.9-3.33.4 docker-kubic-17.09.1_ce-7.6.1 as a component of SUSE CaaS Platform 3.0 kubernetes-salt-3.0.0+git_r931_9cdca5a-3.47.1 as a component of SUSE CaaS Platform 3.0 sles12-velum-image-3.1.9-3.33.4 as a component of SUSE CaaS Platform 3.0 The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. CVE-2019-3682 SUSE CaaS Platform 3.0:docker-kubic-17.09.1_ce-7.6.1 SUSE CaaS Platform 3.0:kubernetes-salt-3.0.0+git_r931_9cdca5a-3.47.1 SUSE CaaS Platform 3.0:sles12-velum-image-3.1.9-3.33.4 low