A recently discovered vulnerability in Kubernetes has raised significant concerns within the cybersecurity community. Akamai researcher Tomer Peled identified a design flaw in Kubernetes’ sidecar project, git-sync, which could allow attackers to carry out command injection attacks.
This vulnerability affects default Kubernetes installations across various platforms, including Amazon EKS, Azure AKS, and Google GKE. It will be presented at DEF CON 2024.
https://cybersecuritynews.com/kubernete ... injection/