CVE-2018-1002101
MEDIUM5.9EPSS 0.85%Kubernetes Arbitrary Command Injection in k8s.io/kubernetes
Published: 2/15/2022Modified: 2/4/2026
Description
Kubernetes Arbitrary Command Injection in k8s.io/kubernetes
Affected packages (2)
- Go/k8s.io/kubernetes>= 1.9.0, < 1.9.10
- Go/k8s.io/kubernetes>= 1.9.0, < 1.9.10, >= 1.10.0, < 1.10.6, >= 1.11.0, < 1.11.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N |
References (7)
- ADVISORYhttps://github.com/advisories/GHSA-wqwf-x5cj-rg56
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-1002101
- WEBhttps://github.com/kubernetes/kubernetes/commit/d65039c56ce4de5f2efdc38aa1284eeb95f89169
- WEBhttps://github.com/kubernetes/kubernetes/issues/65750
- WEBhttps://github.com/kubernetes/kubernetes/pull/65751
- WEBhttps://security.netapp.com/advisory/ntap-20190416-0008
- WEBhttp://www.securityfocus.com/bid/106238