Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GO-2022-0701
HistoryFeb 15, 2022 - 1:57 a.m.

Directory traversal in k8s.io/kubernetes

2022-02-1501:57:18
Google
osv.dev
13
directory traversal
crafted object names
kubernetes
etcd
red hat openshift enterprise 3.0

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

41.5%

JSON

Crafted object type names can cause directory traversal in Kubernetes.

Object names are not validated before being passed to etcd. This allows attackers to write arbitrary files via a crafted object name, hence causing directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0.

Related

nvd 1
veracode 2
github 1
cve 1
debiancve 1
redhat 1
nessus 1
osv 1
prion 1
cvelist 1
nvd
nvd
CVE-2015-5305
2015-11-06 18:59:00
veracode
veracode
Path Traversal
2017-04-28 02:45:06
Path Traversal
2019-01-15 09:08:20
github
github
Directory Traversal in Kubernetes
2022-02-15 01:57:18
cve
cve
CVE-2015-5305
2015-11-06 18:59:00
debiancve
debiancve
CVE-2015-5305
2015-11-06 18:59:00
redhat
redhat
(RHSA-2015:1945) Moderate: kubernetes security update
2015-10-27 18:30:55
nessus
nessus
RHEL 7 : kubernetes (RHSA-2015:1945)
2018-12-04 00:00:00
osv
osv
Directory Traversal in Kubernetes
2022-02-15 01:57:18
prion
prion
Directory traversal
2015-11-06 18:59:00
cvelist
cvelist
CVE-2015-5305
2015-11-06 18:00:00

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

41.5%

JSON
Related for OSV:GO-2022-0701
nvd1veracode2github1cve1debiancve1redhat1nessus1osv1prion1cvelist1