Kubernetes: >> Java >> 0.1 Security Vulnerabilities
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution.
CVSS Score
6.7
EPSS Score
0.001
Published
2021-10-11
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.
CVSS Score
9.1
EPSS Score
0.008
Published
2021-01-21