CVE-2017-1002101
CVSS v3.0
9.6 (Critical)
CVSS v2.0
5.5 (Medium)
EPSS
0.20 % (57th)
Affected Products
1
Advisories
5
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.
Weaknesses
- CWE-59
- Improper Link Resolution Before File Access ('Link Following')
- CVE Status
- PUBLISHED
- CNA
- Kubernetes
- Published Date
-
2018-03-13 17:29:00
(6 years ago) - Updated Date
-
2019-10-09 23:21:25
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...