CVE-2019-11245

In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. If the pod did not specify mustRunAsNonRoot: true, the kubelet will run the container as uid 0.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kubernetes:kubernetes:1.13.6:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:1.14.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-08-29 01:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-11245

Mitre link : CVE-2019-11245

CVE.ORG link : CVE-2019-11245


JSON object : View

Products Affected

kubernetes

  • kubernetes
CWE
CWE-264

Permissions, Privileges, and Access Controls

CWE-703

Improper Check or Handling of Exceptional Conditions