Kubernetes “kubectl cp” Command to Jeopardize Cloud-Based Host Instances
A security issue was recently discovered with the Kubernetes kubectl cp command that could potentially enable a directory traversal to replace or delete files on a user’s workstation or cloud instance. This is a high severity issue, and it is recommended to upgrade kubectl to Kubernetes 1.11.9, 1.12.7, 1.13.5, or 1.14.0. See CVE-2019-1002101 and the fix.
The latest security issue was initially found earlier this month by Ariel Zelivansky, a security researcher at Twistlock.
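A workstation-side check for the upgrade recommendation above, added here as an example (not code from the Kubernetes project or the original article): it takes a kubectl client version string and applies the per-branch fixed releases the advisory lists. The function name, the return codes, the sample versions, and the choice to report pre-releases of a fixed version and branches older than 1.11 as affected are assumptions of this example.

```shell
#!/bin/sh
# Fixed kubectl releases per minor branch, as listed above:
# 1.11.9, 1.12.7, 1.13.5, 1.14.0.

# kubectl_cp_patched VERSION  (hypothetical helper name)
# returns 0 = fixed, 1 = affected, 2 = version string not understood
kubectl_cp_patched() {
    v=${1#v}                      # drop the leading "v" of a gitVersion
    v=${v%%+*}                    # drop build metadata ("+...")
    core=${v%%-*}                 # X.Y.Z
    pre=""
    if [ "$core" != "$v" ]; then pre=${v#*-}; fi

    case "$core" in
        *.*.*.*) return 2 ;;      # too many components
        *.*.*)   ;;
        *)       return 2 ;;      # too few components
    esac
    major=${core%%.*}; rest=${core#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    for part in "$major" "$minor" "$patch"; do
        case "$part" in ''|*[!0-9]*) return 2 ;; esac
    done

    if [ "$major" -gt 1 ]; then return 0; fi
    if [ "$major" -lt 1 ]; then return 1; fi
    case "$minor" in
        11) min=9 ;;
        12) min=7 ;;
        13) min=5 ;;
        *)  # assumption: 1.14+ is fixed from .0; older branches have no listed fix
            if [ "$minor" -ge 14 ]; then min=0; else return 1; fi ;;
    esac
    if [ "$patch" -lt "$min" ]; then return 1; fi
    # assumption: a pre-release of the exact fixed version predates the fix
    if [ "$patch" -eq "$min" ]; then
        case "$pre" in alpha*|beta*|rc*) return 1 ;; esac
    fi
    return 0
}

# Constructed sample versions, not taken from any real cluster.
for sample in v1.11.8 v1.12.7 v1.13.4 v1.13.5 v1.14.0-rc.1 v1.14.0 v1.10.13 bogus; do
    rc=0; kubectl_cp_patched "$sample" || rc=$?
    case "$rc" in
        0) echo "$sample: fixed" ;;
        1) echo "$sample: affected, upgrade kubectl" ;;
        *) echo "$sample: unrecognized version string" ;;
    esac
done
```

Pass it the client version reported by `kubectl version --client` on each workstation or cloud instance where kubectl cp is used.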