This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.

...

Kubernetes 安全漏洞

Kubernetes K8s is an open source system for automating the deployment, scaling, and management of containerized applications from the Kubernetes open source. A security vulnerability exists in Kubernetes that stems from the use of the deprecated in-tree gitRepo volume feature, which could lead to...

Kubernetes 安全漏洞

Kubernetes K8s is an open source system for automating the deployment, scaling, and management of containerized applications from Kubernetes Open Source. A security vulnerability exists in Kubernetes that stems from allowing arbitrary commands to be executed via a specially crafted gitRepo volume...