CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-2004

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.0051EPSS

Exploits0References6

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2019-1002101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the...

6.4CVSS6.5AI score0.49935EPSS

Exploits2References2

OSV•added 2024/08/21 3:28 p.m.•22 views

GO-2022-0782 Symlink Attack in kubectl cp in k8s.io/kubernetes

Symlink Attack in kubectl cp in k8s.io/kubernetes...

6.4CVSS6AI score0.49935EPSS

Exploits2References11

SUSE CVE•added 2024/06/04 1:16 p.m.•1 views

SUSE CVE-2019-1002101

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user's machine. If the tar binary in the container is malicious, it could r...

5.3CVSS6.3AI score0.49935EPSS

Exploits2References5

Tenable Nessus•added 2023/09/07 12:0 a.m.•32 views

Oracle Linux 7 : kubernetes / kubeadm-upgrade / kubeadm-ha-setup (ELSA-2019-4593)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4593 advisory. - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains -- CVE-2019-9946 -- CVE-2019-1002101 -- CVE-2019-1002100...

7.8CVSS6.9AI score0.90842EPSS

Exploits3References3

SUSE CVE•added 2023/02/15 4:12 a.m.•1 views

SUSE CVE-2019-11251

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

5.3CVSS6.3AI score0.02647EPSS

Exploits0References3

OSV•added 2022/02/15 1:57 a.m.•28 views

GHSA-34JX-WX69-9X8V Symlink Attack in kubectl cp

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could r...

5.5CVSS5.9AI score0.49935EPSS

Exploits2References12

OSV•added 2021/05/18 3:30 p.m.•23 views

GHSA-6QFG-8799-R575 Kubernetes kubectl cp Vulnerable to Symlink Attack

5.7CVSS5.9AI score0.02647EPSS

Exploits0References4

BDU FSTEC•added 2020/10/29 12:0 a.m.•3 views

The vulnerability of the `kubectl cp` command, a management tool for clusters of virtual machines in Kubernetes, allows a attacker to upload a malicious file.

The vulnerability of the kubectl cp command, a management tool for clusters of virtual machines in Kubernetes, is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability allows a malicious actor to download a malicious file remotely...

7.1CVSS6.4AI score0.02647EPSS

Exploits0References6Affected Software3

RedhatCVE•added 2020/04/09 10:50 a.m.•40 views

CVE-2019-11249

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...

6.5CVSS2.7AI score0.49935EPSS

Exploits2References4

NVD•added 2020/02/03 4:15 p.m.•16 views

CVE-2019-11251

5.7CVSS5.8AI score0.02647EPSS

Exploits0References2

RedHat Linux•added 2019/11/07 4:55 p.m.•2 views

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

5.7CVSS6.9AI score0.02647EPSS

Exploits0References5

RedHat Linux•added 2019/11/07 4:55 p.m.•2 views

kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal

6.5CVSS7AI score0.49935EPSS

Exploits2References5

RedHat Linux•added 2019/10/29 4:22 p.m.•3 views

kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal

6.5CVSS7AI score0.49935EPSS

Exploits2References5

RedHat Linux•added 2019/09/24 12:31 p.m.•2 views

kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal

6.5CVSS7AI score0.49935EPSS

Exploits2References5

Veracode•added 2019/09/20 2:8 a.m.•28 views

Arbitrary File Write

github.com/kubernetes/kubernetes is vulnerable to arbitrary file write. The kubectl cp command does not safely process symlinks during unpacking, which would allow an attacker to unpack files outside of the destination directory...

5.7CVSS3.3AI score0.02647EPSS

Exploits0References8Affected Software3

Positive Technologies•added 2019/09/18 12:0 a.m.•2 views

PT-2019-5665 · Kubernetes +1 · Kubernetes +1

Name of the Vulnerable Software and Affected Versions: Kubernetes versions 1.1 through 1.12 Kubernetes versions prior to 1.13.11 Kubernetes versions prior to 1.14.7 Kubernetes versions prior to 1.15.4 Description: The issue is related to the Kubernetes kubectl cp command, which allows an attacker...

7.8CVSS6.6AI score0.50822EPSS

Exploits1References24

NVD•added 2019/08/29 1:15 a.m.•17 views

CVE-2019-11246

6.5CVSS6.6AI score0.00813EPSS

Exploits0References3

NVD•added 2019/08/29 1:15 a.m.•20 views

CVE-2019-11249

6.5CVSS6.1AI score0.02095EPSS

Exploits0References8

OSV•added 2019/08/29 1:15 a.m.•23 views

CVE-2019-11249