CVE-2018-1002100

🗓️ 01 Jun 2018 21:00:00Reported by kubernetesType

Insecure handling of tar data by kubectl cp command in Kubernetes pre 1.9.

Reporter	Title	Published	Views	Family All 25
Circl	CVE-2018-1002100	2 Apr 201913:51	–	circl
CNVD	Google Kubernetes Arbitrary File Overwrite Vulnerability	12 Jul 201800:00	–	cnvd
CVE	CVE-2018-1002100	1 Jun 201821:00	–	cve
Debian CVE	CVE-2018-1002100	1 Jun 201821:00	–	debiancve
EUVD	EUVD-2022-2004	3 Oct 202520:07	–	euvd
Github Security Blog	Kubernetes arbitrary file overwrite	13 May 202201:35	–	github
NVD	CVE-2018-1002100	2 Jun 201801:29	–	nvd
OPENSUSE Linux	govulncheck-vulndb-0.0.20250807T150727-1.1 on GA media (moderate)	9 Aug 202500:00	–	opensuse
OSV	DEBIAN-CVE-2018-1002100	2 Jun 201801:29	–	osv
OSV	GHSA-2JQ6-FFPH-P4H8 Kubernetes arbitrary file overwrite	13 May 202201:35	–	osv

[
  {
    "product": "Kubernetes",
    "vendor": "Kubernetes",
    "versions": [
      {
        "status": "affected",
        "version": "v1.5.x"
      },
      {
        "status": "affected",
        "version": "v1.6.x"
      },
      {
        "status": "affected",
        "version": "v1.7.x"
      },
      {
        "status": "affected",
        "version": "v1.8.x"
      },
      {
        "lessThan": "v1.9.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/kubernetes/kubernetes/issues/61297
hansmi	www.hansmi.ch/articles/2018-04-openshift-s2i-security
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

01 Jun 2018 21:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 34.2

EPSS0.0159