NEW REPORT: State of Container and Kubernetes Security 2019 DOWNLOAD NOW
{ .link_text }}

Posts under Kubectl

Beyond Patching: Fixing kubectl cp CVE-2019-11251

Beyond Patching: Fixing kubectl cp CVE-2019-11251

The Kubernetes project released patches yesterday for kubectl 1.13, 1.14, and 1.15, and also released kubectl 1.16.0 along with the release of Kubernetes 1.16. The previous versions were patched to address ongoing security vulnerabilities with the kubectl cp subcommand that could allow critical files to be overwritten or exfiltrated by accidental or malicious replacements when copying from a running container. Fixing CVE-2019-11251 To address CVE-2019-11251, update all installations of the kubectl program to 1.