{"id":"GO-2022-0802","summary":"Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes","details":"Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes","aliases":["CVE-2019-11251","GHSA-6qfg-8799-r575"],"modified":"2026-03-03T04:50:54.446325Z","published":"2024-08-21T15:29:02Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-0802"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-6qfg-8799-r575"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/issues/87773"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/82143"},{"type":"WEB","url":"https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ"}],"affected":[{"package":{"name":"k8s.io/kubernetes","ecosystem":"Go","purl":"pkg:golang/k8s.io/kubernetes"},"ranges":[{"type":"SEMVER","events":[{"introduced":"1.13.10"},{"fixed":"1.13.11"},{"introduced":"1.14.6"},{"fixed":"1.14.7"},{"introduced":"1.15.3"},{"fixed":"1.16.0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0802.json"}}],"schema_version":"1.7.3"}