漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Kubernetes Java client libraries unvalidated path traversal in Copy implementation
Vulnerability Description
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.
CVSS Information
N/A
Vulnerability Type
相对路径遍历
Vulnerability Title
Kubernetes 路径遍历漏洞
Vulnerability Description
Kubernetes是美国Linux基金会的一套开源的Docker容器集群管理系统。该系统为容器化的应用提供资源调度、部署运行、服务发现和扩容缩容等功能。 Kubernetes 10.0.0 和 9.0.1之前版本存在安全漏洞,攻击者可以通过Kubernetes Java Client的Pod Copy遍历目录。
CVSS Information
N/A
Vulnerability Type
N/A