High
Cloud Foundry Foundation
A security issue was discovered with the Kubernetes kubectl cp
command that could enable a directory traversal replacing or deleting files on a users workstation. The issue is High severity and upgrading kubectl to Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0 is encouraged to fix this issue.
Users of affected versions should apply the following mitigations or upgrades:
2019-04-01: Initial vulnerability report published.