Can You Detect Kubernetes Runtime Vulnerabilities?
Can You Detect Kubernetes Runtime Vulnerabilities? Container images sometimes suffer from vulnerabilities ranging from negligible to critical. CVE-2019-11249, for example, is a Kubectl copy operation that, together with a malicious tar binary in the downloaded container, enables hackers to replace or create files on users’ machines even if the location is outside the destination directory of Kubectl copy operation. It can lead to a complete hostile takeover of the application pod, the Kubernetes node, and, in some cases, even the entire cluster.