The latest versions of Kubernetes Server addresses a known vulnerability to the API using TLS connections. Reference CVE-2018-1002105 at the link below for more details.