/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-9042

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-9042

CGA ID

CGA-rmmm-cj5w-3wv7

Severity

Unknown

Summary

Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API

Description

A security vulnerability has been discovered in Kubernetes windows nodes that could allow a user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host. This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs