podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

PT-2018-5277 · Kubernetes · Kubernetes

Name of the Vulnerable Software and Affected Versions: Kubernetes versions 1.3.x through 1.6.x Kubernetes versions 1.7.x through 1.7.13 Kubernetes versions 1.8.x through 1.8.8 Kubernetes versions 1.9.x through 1.9.3 Description: The issue allows containers using a secret, configMap, projected or...