CVE-2024-10220
CVSS V2 None
CVSS V3 None
Description
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.
Overview
- CVE ID
- CVE-2024-10220
- Assigner
- kubernetes
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-22T16:23:00.535Z
- Last Modified Date
- 2024-11-22T17:02:54.798Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/kubernetes/kubernetes/issues/128885 | issue-tracking |
https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko | mailing-list |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-10220 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-23 13:37:21 | Added to TrackCVE |