SUSE CVE-2019-18466

An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a...

PT-2019-5382 · Red Hat +4 · Podman +5

Name of the Vulnerable Software and Affected Versions: Podman versions prior to 1.6.0 Description: The issue is related to the handling of symbolic links in the libpod library of Podman. It allows an attacker to create a container image with specific symlinks that, when copied to the host...

kubernetes: Mishandling of symlinks allows for arbitrary file write via `kubectl cp`

A flaw was found in Kubernetes via the mishandling of symlinks when copying files from a running container. An attacker could exploit this by convincing a user to use kubectl cp or oc cp with a malicious container, allowing for arbitrary files to be overwritten on the host machine...

PT-2019-11293 · Kubernetes +1 · Kubectl +1

Name of the Vulnerable Software and Affected Versions: kubectl versions prior to 1.11.9 kubectl versions prior to 1.12.7 kubectl versions prior to 1.13.5 kubectl versions prior to 1.14.0 Description: The issue arises from the kubectl cp command, which allows copying files between containers and t...