CVE-2026-3864

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via insufficient validation of the subDir parameter in volume identifiers. An attacker can cause unintended directories on the NFS server to be deleted or modified by crafting volume identifiers containing path...

GHSA-2MJQ-54QG-7W6J NFS CSI driver for Kubernetes is Vulnerable to Path Traversal through Volume Identifier Parameter

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

NFS CSI driver for Kubernetes is Vulnerable to Path Traversal through Volume Identifier Parameter

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

EUVD-2026-13831

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

CVE-2026-3864

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

CVE-2026-3864 CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

Kubernetes（K8s） 安全漏洞

Kubernetes K8s is an open-source system developed under the Kubernetes project, used for automated deployment, scaling, and management of containerized applications. There is a security vulnerability in Kubernetes K8s, which stems from insufficient validation of the subDir parameter in volume...

PT-2026-25942

Name of the Vulnerable Software and Affected Versions Kubernetes CSI Driver for NFS affected versions not specified Description A flaw exists in the Kubernetes CSI Driver for NFS related to insufficient validation of the subDir parameter within volume identifiers. An attacker capable of creating...

EUVD-2020-25261

Malware in sbrugna...

SUSE CVE-2020-3996

Velero prior to 1.4.3 and 1.5.2 in some instances doesn't properly manage volume identifiers which may result in information leakage to unauthorized users...

CVE-2020-3996

Velero prior to 1.4.3 and 1.5.2 in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users...

CVE-2020-3996

CVE-2020-3996 concerns Velero where, in some deployments, volume identifiers are not managed securely, potentially leaking information to unauthorized users. Affected: Velero versions prior to 1.4.3 and prior to 1.5.2. Impact: partial confidentiality. Remediation/fix/details are not provided in t...

CVE-2020-3996

Velero prior to 1.4.3 and 1.5.2 in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users...

Using the Diskshadow Utility to Manually Test VSS Operations

Windows Server Required This article documents how to use Diskshadow , which is only available in Server versions of Windows 2008+. Purpose This article documents how to manually create a volume shadow copy using the Diskshadow command-line utility in Windows. Cause Veeam products use the Microso...