RHCOS 3 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3239 advisory. - kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal CVE-2019-11249 -...

RHCOS 3 : OpenShift Container Platform 3.9 atomic-openshift (RHSA-2019:1852)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1852 advisory. - kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via kubectl cp CVE-2019-11246 Note that Nessus has not test...

Oracle Linux 7 : kubernetes (ELSA-2019-4816)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4816 advisory. - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS - CVE-2019-16276 Support patching flannel/dashboard on upgrade -...

Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision

Summary Vulnerability CVE-2019-11246 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11246 DESCRIPTION: The kubectl cp command allows copying files between containers and the user's machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar...

RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3239 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.10 atomic-openshift security update

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177

An update of the kubernetes package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2019-11246

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...

CVE-2019-11246

CVE-2019-11246 : Kubernetes kubectl cp uses tar inside the container to create an archive, which kubectl unpacks on the user’s machine. If the container tar is malicious, it could run code and write files to the local filesystem, limited by the user’s permissions. Affected Kubernetes versions inc...

Fedora Update for kubernetes FEDORA-2019-2b8ef08c95

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : kubernetes (2019-2b8ef08c95)

Update to v1.15.2 + carry upstream 81330 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

Security Bulletin: API Connect V2018 is impacted by a Kubernetes vulnerability(CVE-2019-11246)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11246 DESCRIPTION: Kubernetes could allow a remote attacker to traverse directories on the system. By persuading a victim to use the kubectl cp command with a malicious container, an attacker...

Directory Traversal

github.com/kubernetes/kubernetes is vulnerable to directory traversal. The vulnerability exists as a malicious container can replace or create files on a user's workstation. The vulnerability is due to incomplete fixes of CVE-2019-1002101 and CVE-2019-11246...

RHEL 7 : OpenShift Container Platform 3.9 atomic-openshift (RHSA-2019:1852)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1852 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Kubernetes (CVE-2019-11246)

Summary A Security Vulnerability affects IBM Cloud Private - Kubernetes CVE-2019-11246 Vulnerability Details CVEID: CVE-2019-11246 DESCRIPTION: Kubernetes could allow a remote attacker to traverse directories on the system. By persuading a victim to use the kubectl cp command with a malicious...

RHEL 7 : Red Hat OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:1633)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1633 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 atomic-openshift security update

An update for atomic-openshift is now available for OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.10 atomic-openshift security update

An update for atomic-openshift is now available for OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...