Lucene search
GoogleOSV:GHSA-2JQ6-FFPH-P4H8HistoryMay 13, 2022 - 1:35 a.m.
Kubernetes arbitrary file overwrite
2022-05-1301:35:04
Google
osv.dev
5
0.0005 Low
EPSS
Percentile
17.3%
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| k8s.io/kubernetes | lt | 1.9.6 | |
| k8s.io/kubernetes | ge | 1.5 |
Related
osv
osv
CVE-2018-1002100
2018-06-02 01:29:02
debiancve
debiancve
CVE-2018-1002100
2022-10-03 16:21:40
redhatcve
redhatcve
CVE-2018-1002100
2018-04-13 17:20:22
cve
cve
CVE-2018-1002100
2022-10-03 16:21:40
prion
prion
Command injection
2018-06-02 01:29:00
github
github
Kubernetes arbitrary file overwrite
2022-05-13 01:35:04
cvelist
cvelist
CVE-2018-1002100
2022-10-03 16:21:40
nvd
nvd
CVE-2018-1002100
2018-06-02 01:29:02
ubuntucve
ubuntucve
CVE-2018-1002100
2018-06-02 00:00:00
veracode
veracode
Directory Traversal
2018-04-16 04:45:43
nessus
nessus
RHEL 7 : kubernetes (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : kubernetes (Unpatched Vulnerability)
2024-06-03 00:00:00