VDB

DEBIAN-CVE-2017-1002101

DEBIAN-CVE-2017-1002101 PUBLISHED CVSS 9.600000381469727 CRITICAL

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

Risk Scores

CVSS 3.0
9.600000381469727
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Affected Products

VendorProductVersions
Debian:14kubernetes0, 0, 0
Debian:13kubernetes0, 0, 0
Debian:11kubernetes0, 0, 0
Debian:12kubernetes0, 0, 0

Timeline

  • Mar 13, 2018 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›