blob: a11986e31bd534e6eb72fbd45baa0406f21f68f5 [file] [log] [blame]
id: GO-2022-0629
modules:
- module: sigs.k8s.io/secrets-store-csi-driver
versions:
- introduced: 0.0.15
- fixed: 0.0.17
vulnerable_at: 0.0.16
packages:
- package: sigs.k8s.io/secrets-store-csi-driver/controllers
symbols:
- SecretProviderClassPodStatusReconciler.Reconcile
- package: sigs.k8s.io/secrets-store-csi-driver/pkg/rotation
symbols:
- Reconciler.reconcile
derived_symbols:
- Reconciler.Run
- package: sigs.k8s.io/secrets-store-csi-driver/pkg/secrets-store
symbols:
- nodeServer.NodeUnpublishVolume
derived_symbols:
- SecretsStore.Run
summary: Directory traversal in sigs.k8s.io/secrets-store-csi-driver
description: |-
Modifying pod status allows host directory traversal.
Kubernetes Secrets Store CSI Driver allows an attacker who can modify a
SecretProviderClassPodStatus/Status resource the ability to write content to the
host filesystem and sync file contents to Kubernetes Secrets. This includes
paths under var/lib/kubelet/pods that contain other Kubernetes Secrets.
published: 2022-02-15T01:57:18Z
cves:
- CVE-2020-8568
ghsas:
- GHSA-5cgx-vhfp-6cf9
credits:
- tam7t (Tommy Murphy)
references:
- fix: https://github.com/kubernetes-sigs/secrets-store-csi-driver/pull/371
- fix: https://github.com/kubernetes-sigs/secrets-store-csi-driver/commit/c2cbb19e2eef16638fa0523383788a4bc22231fd
review_status: REVIEWED