Demystifying Kubernetes CVE-2018-1002105 (and a dead simple exploit)

Earlier this week a major vulnerability in Kubernetes was made public by its maintainers. It was originally caught as a bug by Darren Shepherd and was later marked as a critical vulnerability and assigned CVE-2018-1002105. Its implications were clearly laid out in its Github issue page by Kubernetes developer Jordan Liggitt. The bug was fixed … Continue reading Demystifying Kubernetes CVE-2018-1002105 (and a dead simple exploit)