Edit CVE-2020-8558.yml (!42744) · Merge requests · GitLab.org / security-products / advisory-database

Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you receive complimentary access to GitLab Duo.

hello!

the go/k8s.io/kube-proxy has updated the versioning scheme such that versions in the 0.x.x series are actually considered greater than 1.x.x.

Since the vulnerability applies to all versions <1.16.11 but does not affect the 0.x.x versions, we need to adjust the version interval. Using >1.12.0 ensures that the check will start from the first 1.x.x release and will not incorrectly match the 0.x.x versions.

This change prevents false positives while still covering all vulnerable releases.

https://github.com/kubernetes/kube-proxy/releases/tag/kubernetes-1.12.0

Edited Oct 15, 2025 by 🤖 GitLab Bot 🤖

Edit CVE-2020-8558.yml

Merge request reports