Live Webinar – Kubernetes Security Best Practices (Nov 21, 10am PT) REGISTER TODAY
{ .link_text }}

Posts under Kubectl

Beyond Patching: Fixing kubectl cp CVE-2019-11251

Beyond Patching: Fixing kubectl cp CVE-2019-11251

The Kubernetes project released patches yesterday for kubectl 1.13, 1.14, and 1.15, and also released kubectl 1.16.0 along with the release of Kubernetes 1.16. The previous versions were patched to address ongoing security vulnerabilities with the kubectl cp subcommand that could allow critical files to be overwritten or exfiltrated by accidental or malicious replacements when copying from a running container. Fixing CVE-2019-11251 To address CVE-2019-11251, update all installations of the kubectl program to 1.