VDB
DEBIAN-CVE-2017-1002101
DEBIAN-CVE-2017-1002101
PUBLISHED
CVSS 9.600000381469727 CRITICAL
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.
Risk Scores
CVSS 3.0
9.600000381469727
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | kubernetes | 0, 0, 0 |
| Debian:13 | kubernetes | 0, 0, 0 |
| Debian:11 | kubernetes | 0, 0, 0 |
| Debian:12 | kubernetes | 0, 0, 0 |
Timeline
- Mar 13, 2018 CVE Published
- Apr 28, 2026 CVE Updated