Veracode Vulnerability DatabaseVERACODE:20995Directory Traversal
0.002 Low
EPSS
Percentile
56.0%
github.com/kubernetes/kubernetes is vulnerable to directory traversal. The vulnerability exists as a malicious container can replace or create files on a user’s workstation. The vulnerability is due to incomplete fixes of CVE-2019-1002101 and CVE-2019-11246.
References
access.redhat.com/errata/RHBA-2019:2794
access.redhat.com/errata/RHBA-2019:2816
access.redhat.com/errata/RHBA-2019:2824
access.redhat.com/errata/RHSA-2019:3239
access.redhat.com/errata/RHSA-2019:3811
github.com/kubernetes/kubernetes/commit/f6278300bebbb750328ac16ee6dd3aa7d3549568
github.com/kubernetes/kubernetes/issues/80984
github.com/kubernetes/kubernetes/pull/80869
groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ
seclists.org/oss-sec/2019/q3/117
security.netapp.com/advisory/ntap-20190919-0003/
Related
