Security Advisory

CVE-2018-1002100

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-01 21:00:00

Last updated 2024-09-16 16:17:37

Assigner kubernetes

State PUBLISHED

Description

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.

← Browse all CVEs View on cve.org ↗