CVSS: 6.4EPSS: 0%CPEs: 7EXPL: 1CVE-2019-1002101 – kubectl cp path traversal
https://notcve.org/view.php?id=CVE-2019-1002101
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. • https://github.com/brompwnie/CVE-2019-1002101-Helpers http://www.openwall.com/lists/oss-security/2019/06/21/1 http://www.openwall.com/lists/oss-security/2019/08/05/5 http://www.securityfocus.com/bid/107652 https://access.redhat.com/errata/RHBA-2019:0619 https://access.redhat.com/errata/RHBA-2019:0620 https://access.redhat.com/errata/RHBA-2019:0636 https://access.redhat.com/security/cve/cve-2019-1002101 https://github.com/kubernetes/kubernetes/pull/75037 https:/&#x • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-1002100 – kube-apiserver: DoS with crafted patch of type json-patch
https://notcve.org/view.php?id=CVE-2019-1002100
In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server. En todas las versiones de Kubernetes anteriores a las v1.11.8, v1.12.6 y v1.13.4, los usuarios autorizados para realizar peticiones de parche en el servidor API de Kubernetes pueden enviar parches "json-patch" (p.ej., `kubectl patch --type json` o `"Content-Type: application/json-patch+json"`) especialmente manipulados que consumen recursos excesivos durante el procesamiento, conduciendo a una denegación de servicio (DoS) en el servidor API A denial of service vulnerability was found in the Kubernetes API server. A remote user, with authorization to apply patches, could exploit this via crafted JSON input, causing excessive consumption of resources and subsequent denial of service. • http://www.securityfocus.com/bid/107290 https://access.redhat.com/errata/RHSA-2019:1851 https://access.redhat.com/errata/RHSA-2019:3239 https://github.com/kubernetes/kubernetes/issues/74534 https://groups.google.com/forum/#%21topic/kubernetes-announce/vmUUNkYfG9g https://security.netapp.com/advisory/ntap-20190416-0002 https://access.redhat.com/security/cve/CVE-2019-1002100 https://bugzilla.redhat.com/show_bug.cgi?id=1683190 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •