CVE-2019-11251

Published: 03 February 2020

The kubectl cp command in Kubernetes versions 1.1 through 1.12, and in versions prior to 1.13.11, 1.14.7, and 1.15.4, allows a combination of two symlinks in the tar output of a malicious container to place a file outside the destination directory specified in the kubectl cp invocation. A container that controls that tar stream can therefore use the symlink pair to write a file of its choosing outside the destination tree on the host where kubectl runs.
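To make the mechanism concrete, the following is an added Go example (Go because kubectl is written in it). It is not code from this page, from Kubernetes, or from the original report, and the archive it unpacks is constructed here for illustration, not captured from a pod. Its extract function is a generic tar unpacker, not kubectl's own: with resolve=false it performs the kind of string-only containment check that a chained pair of symlinks defeats (a symlink whose path passes through an earlier symlink is created somewhere other than where its cleaned name says), and with resolve=true it refuses symlink entries altogether and resolves the directory it is about to write into against the real destination. The names buildMaliciousTar, lexicallyInside, extract and run are assumptions of this example, and the exact checks that shipped in the fixed releases listed above are not reproduced here.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// buildMaliciousTar constructs, in memory, the tar stream a malicious container could
// hand back (constructed sample input, not a real capture). Two symlinks chain past a
// check that only cleans strings: sub/l1 -> .. cleans to "." and passes; sub/l1/l2 -> ..
// cleans to "sub" and passes, but the kernel resolves sub/l1 to dest itself, so the link
// lands at dest/l2 -> dest/..; sub/l1/l2/escaped then lands at dest/../escaped.
func buildMaliciousTar() []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf) // in-memory target, so write errors cannot occur
	for _, h := range []tar.Header{
		{Name: "sub/l1", Typeflag: tar.TypeSymlink, Linkname: "..", Mode: 0o777},
		{Name: "sub/l1/l2", Typeflag: tar.TypeSymlink, Linkname: "..", Mode: 0o777},
		{Name: "sub/l1/l2/escaped", Typeflag: tar.TypeReg, Mode: 0o644, Size: 6},
	} {
		tw.WriteHeader(&h)
	}
	tw.Write([]byte("pwned\n")) // body of the last (regular file) entry
	tw.Close()
	return buf.Bytes()
}

// lexicallyInside checks p as a cleaned string only; it knows nothing about symlinks on disk.
func lexicallyInside(dir, p string) bool {
	rel, err := filepath.Rel(dir, p)
	return err == nil && rel != ".." && (len(rel) < 3 || rel[:3] != "../")
}

// extract unpacks archive into dest, creating parent directories on demand. resolve=false is
// the flawed pattern (a constructed "before", not kubectl's source): names and link targets are
// checked only as cleaned strings, then created where the kernel follows links written moments
// earlier. resolve=true refuses symlink entries and resolves each write directory on disk first.
func extract(dest string, archive []byte, resolve bool) (err error) {
	if resolve {
		if dest, err = filepath.EvalSymlinks(dest); err != nil {
			return err
		}
	}
	tr := tar.NewReader(bytes.NewReader(archive))
	for hdr, err := tr.Next(); err != io.EOF; hdr, err = tr.Next() {
		if err != nil {
			return err
		}
		target := filepath.Join(dest, hdr.Name)
		dir := filepath.Dir(target)
		if !lexicallyInside(dest, target) {
			return fmt.Errorf("rejected %q: outside %s", hdr.Name, dest)
		}
		if err = os.MkdirAll(dir, 0o755); err != nil {
			return err
		}
		if resolve { // follow whatever is already on disk before writing into dir
			if resolved, err := filepath.EvalSymlinks(dir); err != nil || !lexicallyInside(dest, resolved) {
				return fmt.Errorf("%q does not resolve inside %q: %v", dir, dest, err)
			}
		}
		switch hdr.Typeflag {
		case tar.TypeSymlink: // flawed mode checks the link target as a string, relative to dir
			if resolve || !lexicallyInside(dest, filepath.Join(dir, hdr.Linkname)) {
				return fmt.Errorf("rejected symlink %q -> %q", hdr.Name, hdr.Linkname)
			}
			err = os.Symlink(hdr.Linkname, target)
		case tar.TypeReg:
			data, _ := io.ReadAll(tr) // entry body; the archive is in memory here
			err = os.WriteFile(target, data, 0o644)
		}
		if err != nil {
			return err
		}
	}
	return nil
}

// run extracts into <tmp>/dest and reports whether "escaped" landed in <tmp> itself, outside dest.
func run(resolve bool) (escaped bool, extractErr error) {
	parent, err := os.MkdirTemp("", "kubectl-cp-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(parent)
	dest := filepath.Join(parent, "dest")
	os.Mkdir(dest, 0o755) // cannot fail: parent was just created and is empty
	extractErr = extract(dest, buildMaliciousTar(), resolve)
	_, err = os.Stat(filepath.Join(parent, "escaped"))
	return err == nil, extractErr
}

func main() {
	fmt.Println(run(false)) // string-only checks: true <nil>, the file was written beside dest
	fmt.Println(run(true))  // resolved checks: false plus a "rejected symlink" error
}
```

Run as a program it prints `true <nil>` for the string-only mode, meaning `escaped` was created next to the destination directory rather than inside it, and `false` plus a rejection error for the resolving mode. The point for a practitioner is that the single-`../` test most people reach for passes a lexical check; a regression test for a tar-extracting tool should include a chained pair like this one, and the robust fix is to stop honouring symlink entries from an untrusted archive rather than to refine the string check.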

Priority

Unknown

CVSS 3 base score: 5.7

Status

Package: kubernetes (Launchpad, Ubuntu, Debian)

Release                          Status
Upstream                         Not vulnerable (debian: Vulnerable code not present)
Ubuntu 20.10 (Groovy Gorilla)    Needs triage
Ubuntu 20.04 LTS (Focal Fossa)   Needs triage
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist
Ubuntu 16.04 LTS (Xenial Xerus)  Does not exist
Ubuntu 14.04 ESM (Trusty Tahr)   Does not exist

Notes

Author: leosilva
kubernetes is in fact a kubernetes installer that calls snap, not the package itself.

References