Lucene search
KubernetesCVELIST:CVE-2021-25741HistoryJan 01, 1976 - 12:00 a.m.
CVE-2021-25741 Symlink Exchange Can Allow Host Filesystem Access
1976-01-0100:00:00
CWE-20
kubernetes
www.cve.org
1
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.
CNA Affected
[
{
"product": "Kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "1.19.14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.20.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.21.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.22.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
ibm
ibm
nessus
nessus
RHEL 7 / 8 : OpenShift Container Platform 4.7.32 (RHSA-2021:3635)
2022-09-15 00:00:00
Photon OS 3.0: Kubernetes PHSA-2021-3.0-0303
2021-09-27 00:00:00
Photon OS 2.0: Kubernetes PHSA-2021-2.0-0394
2021-09-27 00:00:00
githubexploit
githubexploit
debiancve
debiancve
CVE-2021-25741
2021-09-20 17:15:08
redhat
redhat
cbl_mariner
cbl_mariner
CVE-2021-25741 affecting package kubernetes-1.21.2 1.21.2-7
2024-07-05 21:08:36
CVE-2021-25741 affecting package kubernetes 1.22.4-3
2021-12-17 19:44:26
CVE-2021-25741 affecting package kubernetes-1.20.7 1.20.7-9
2024-07-05 21:08:36
veracode
veracode
Directory Traversal
2021-09-30 00:35:33
altlinux
altlinux
Security fix for the ALT Linux 10 package kubernetes version 1.22.4-alt1
2021-12-02 00:00:00
osv
osv
Files or Directories Accessible to External Parties in kubernetes
2021-11-01 17:32:28
CVE-2021-25741
2021-09-20 17:15:08
cve
cve
CVE-2021-25741
2021-09-20 17:15:08
github
github
Files or Directories Accessible to External Parties in kubernetes
2021-11-01 17:32:28
gitlab
gitlab
Files or Directories Accessible to External Parties
2021-11-01 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0112
2021-10-04 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0112
2021-10-04 00:00:00
redhatcve
redhatcve
CVE-2021-25741
2021-09-15 23:25:09
prion
prion
Design/Logic Flaw
2021-09-20 17:15:00
nvd
nvd
CVE-2021-25741
2021-09-20 17:15:08
cnvd
cnvd
kubernetes input validation error vulnerability
2021-09-17 00:00:00
oraclelinux
oraclelinux
olcne security update
2021-11-09 00:00:00
olcne istio istio kubernetes security update
2021-11-09 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
Related for CVELIST:CVE-2021-25741