A pair of bugs in the Kubernetes open-source cloud container software can be highly dangerous s open source software. The flaws, CVE-2019-16276 and CVE-11253, have been patched. The high-severity flaw is a HTTP protocol violation in the Go language’s standard HTTP library, which is called net/http. The attack can be aimed at the YAML/JSON parsing function with a method called YAML S/JSON bombing
Source: https://threatpost.com/kubernetes-bugs-authentication-bypass-dos/149265/