1 results (0.012 seconds)
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10220 – Arbitrary command execution through gitRepo volume
https://notcve.org/view.php?id=CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2. • https://github.com/kubernetes/kubernetes/issues/128885 https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko http://www.openwall.com/lists/oss-security/2024/11/20/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •