Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-rqgw-vh6p-qf7j

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 9.6

Описание

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

EPSS

Процентиль: 97%
0.33018
Средний

9.6 Critical

CVSS3

Дефекты

CWE-59

Связанные уязвимости

CVSS3: 8.8
ubuntu
больше 7 лет назад

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

CVSS3: 7.2
redhat
больше 7 лет назад

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

CVSS3: 8.8
nvd
больше 7 лет назад

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

CVSS3: 8.8
debian
больше 7 лет назад

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...

oracle-oval
больше 7 лет назад

ELSA-2018-4061: kubernetes security update (IMPORTANT)

EPSS

Процентиль: 97%
0.33018
Средний

9.6 Critical

CVSS3

Дефекты

CWE-59