CVE-2024-10220

Published Nov 22, 2024

Last updated 3 months ago

Overview

Description
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.
Source
jordan@liggitt.net
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.1
Impact score
5.2
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity
HIGH

Weaknesses

jordan@liggitt.net
CWE-22

Social media

Hype score
Not currently trending
  1. Kubernetes の脆弱性 CVE-2024-10220 が FIX:任意のコマンド実行が可能に https://t.co/dM8k7Q8K8u #git #Kubelet #Kubernetes #OpenSource #Repository #Vulnerability

    @iototsecnews

    2 Dec 2024

    107 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Top 5 Trending CVEs: 1 - CVE-2023-20963 2 - CVE-2024-46938 3 - CVE-2024-52940 4 - CVE-2024-0012 5 - CVE-2024-10220 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    23 Nov 2024

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-10220 The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 thr… https://t.co/ODJDAM0FKG

    @CVEnew

    22 Nov 2024

    332 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Kubernetes affected by CVE-2024-10220 Flaw #Kubernetes #cve-2024-10220 https://t.co/yjuTmsychi

    @pravin_karthik

    22 Nov 2024

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨🚨CVE-2024-10220 (CVSS: 8.1) : Kubernetes Vulnerability Allows Arbitrary Command Execution ⚠️This vulnerability leverages the hooks folder in the target repository to run arbitrary commands outside of the container’s boundary. ZoomEye Dork👉app="Kubernetes kubelet" 3m+ results

    @zoomeye_team

    22 Nov 2024

    384 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. ⚠️⚠️ CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution 🎯5m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/CwjaXMZdnV FOFA Query:app="kubernetes" 🔖Refer: https://t.co/nILAZ82bCq #OSINT #FOFA #CyberSecurity…

    @fofabot

    21 Nov 2024

    4226 Impressions

    11 Retweets

    43 Likes

    12 Bookmarks

    1 Reply

    2 Quotes

  7. CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution https://t.co/xvmEPaKblF

    @Dinosn

    21 Nov 2024

    7525 Impressions

    57 Retweets

    119 Likes

    39 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution Learn about the high-severity vulnerability CVE-2024-10220 in #Kubernetes that allows arbitrary command execution outside container boundaries https://t.co/BhJmfFfH6e

    @the_yellow_fall

    21 Nov 2024

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2024-10220: Kubernetes: Arbitrary command execution through gitRepo volume https://t.co/9cj2nLMwf3

    @oss_security

    20 Nov 2024

    221 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes