A flaw was found in Kubernetes via the mishandling of symlinks when copying files from a running container. An attacker could exploit this by convincing a user to use kubectl cp
or oc cp
with a malicious container, allowing for arbitrary files to be overwritten on the host machine.