GHSA-5x96-j797-5qqw
GitHub Security Advisory
Sensitive Information leak via Log File in Kubernetes
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13.
Affected Packages
Go
github.com/kubernetes/kubernetes
Affected versions:
0
(fixed in 1.17.13)
Go
github.com/kubernetes/kubernetes
Affected versions:
1.18.0
(fixed in 1.18.10)
Go
github.com/kubernetes/kubernetes
Affected versions:
1.19.0
(fixed in 1.19.3)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: November 25, 2025 6:29 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.