Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:3905)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3905 advisory. - kubernetes: kubectl cp allows for arbitrary file write via double symlinks CVE-2019-11251 - kubernetes: YAML parsing vulnerable to...

7.5CVSS6.8AI score0.25939EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2019/11/18 4:23 p.m.3 views

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

5.7CVSS6.9AI score0.02327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/11/18 4:23 p.m.116 views

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 atomic-openshift security update

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.8AI score0.25939EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2019/11/07 4:55 p.m.4 views

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

5.7CVSS6.9AI score0.02327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/10/30 6:30 p.m.4 views

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

5.7CVSS6.9AI score0.02327EPSS
Exploits0References5
Rows per page
Query Builder