Marc Nuri

Name of the Vulnerable Software and Affected Versions: fabric8 kubernetes-client versions 4.2.0 and after Description: A flaw was found in the fabric8 kubernetes-client that allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. Recommendations: For versions prior to 4.7.2, update to kubernetes-client-4.7.2. For versions prior to 4.11.2, update to kubernetes-client-4.11.2. For versions prior to 4.13.2, update to kubernetes-client-4.13.2. For versions prior to 5.0.2, update to kubernetes-client-5.0.2.