The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: kubernetes

Published: 2020-02-03T15:35:13

Updated: 2024-08-04T22:48:09.005Z

Reserved: 2019-04-17T00:00:00

Link: CVE-2019-11251

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-03T16:15:11.140

Modified: 2024-11-21T04:20:48.460

Link: CVE-2019-11251

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-09-18T00:00:00Z

Links: CVE-2019-11251 - Bugzilla