EPSS
Percentile
41.5%
github.com/kubernetes/kubernetes is vulnerable to path traversal attacks. The attacks are possible because it does not validate the names of all object types ObjectMeta in BeforeCreate() before passing them to etcd to generate etcd key.
ObjectMeta
BeforeCreate()
etcd
etcd key
access.redhat.com/errata/RHSA-2015:1945
access.redhat.com/security/cve/CVE-2015-5305
bugzilla.redhat.com/show_bug.cgi?id=1273969
github.com/kubernetes/kubernetes/commit/68f2add9bd5d43b9da1424d87d88f83d120e17d0
github.com/kubernetes/kubernetes/pull/15975