{"id":"CVE-2024-10220","details":"The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.","aliases":["GHSA-27wf-5967-98gx","GO-2024-3286"],"modified":"2026-04-09T09:52:58.275116Z","published":"2024-11-22T17:15:06.650Z","related":["CGA-qv2r-m637-rw2f","MGASA-2024-0389","openSUSE-SU-2024:14567-1"],"references":[{"type":"WEB","url":"https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/11/20/1"},{"type":"REPORT","url":"https://github.com/kubernetes/kubernetes/issues/128885"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"0"},{"last_affected":"f25b321b9ae42cb1bfaa00b3eec9a12566a15d91"},{"introduced":"3f7a50f38688eb332e2a1b013678c6435d539ae6"},{"last_affected":"062798d53d83265b9e05f14d85198f74362adaca"},{"introduced":"7c48c2bd72b9bf5c44d21d7338cc7bea77d0ad2a"},{"last_affected":"39683505b630ff2121012f3c5b16215a1449d5ed"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.28.11"},{"introduced":"1.29.0"},{"last_affected":"1.29.6"},{"introduced":"1.30.0"},{"last_affected":"1.30.2."}]}}],"versions":["v0.13.1-dev","v0.17.0","v1.1.0-alpha.0","v1.1.0-alpha.1","v1.10.0-alpha.0","v1.10.0-alpha.1","v1.10.0-alpha.2","v1.10.0-alpha.3","v1.11.0-alpha.0","v1.11.0-alpha.1","v1.11.0-alpha.2","v1.12.0-alpha.0","v1.12.0-alpha.1","v1.13.0-alpha.0","v1.13.0-alpha.1","v1.13.0-alpha.2","v1.13.0-alpha.3","v1.14.0-alpha.0","v1.14.0-alpha.1","v1.14.0-alpha.2","v1.14.0-alpha.3","v1.15.0-alpha.0","v1.15.0-alpha.1","v1.15.0-alpha.2","v1.15.0-alpha.3","v1.16.0-alpha.0","v1.16.0-alpha.1","v1.16.0-alpha.2","v1.16.0-alpha.3","v1.17.0-alpha.0","v1.17.0-alpha.1","v1.17.0-alpha.2","v1.17.0-alpha.3","v1.18.0-alpha.0","v1.18.0-alpha.1","v1.18.0-alpha.2","v1.18.0-alpha.4","v1.18.0-alpha.5","v1.19.0-alpha.0","v1.19.0-alpha.1","v1.19.0-alpha.2","v1.19.0-alpha.3","v1.19.0-beta.0","v1.19.0-beta.1","v1.19.0-beta.2","v1.2.0-alpha.1","v1.2.0-alpha.2","v1.2.0-alpha.3","v1.2.0-alpha.4","v1.2.0-alpha.5","v1.2.0-alpha.6","v1.2.0-alpha.7","v1.2.0-alpha.8","v1.20.0-alpha.0","v1.20.0-alpha.1","v1.20.0-alpha.2","v1.20.0-alpha.3","v1.20.0-beta.0","v1.20.0-beta.1","v1.20.0-beta.2","v1.21.0-alpha.0","v1.21.0-alpha.1","v1.21.0-alpha.2","v1.21.0-alpha.3","v1.21.0-beta.0","v1.21.0-beta.1","v1.22.0-alpha.0","v1.22.0-alpha.1","v1.22.0-alpha.2","v1.22.0-alpha.3","v1.22.0-beta.0","v1.22.0-beta.1","v1.22.0-beta.2","v1.23.0-alpha.0","v1.23.0-alpha.1","v1.23.0-alpha.2","v1.23.0-alpha.3","v1.23.0-alpha.4","v1.24.0-alpha.0","v1.24.0-alpha.1","v1.24.0-alpha.2","v1.24.0-alpha.3","v1.24.0-alpha.4","v1.24.0-beta.0","v1.25.0-alpha.0","v1.25.0-alpha.1","v1.25.0-alpha.2","v1.25.0-alpha.3","v1.25.0-beta.0","v1.26.0-alpha.0","v1.26.0-alpha.1","v1.26.0-alpha.2","v1.26.0-alpha.3","v1.26.0-beta.0","v1.27.0-alpha.0","v1.27.0-alpha.1","v1.27.0-alpha.2","v1.27.0-alpha.3","v1.27.0-beta.0","v1.28.0","v1.28.0-alpha.0","v1.28.0-alpha.1","v1.28.0-alpha.2","v1.28.0-alpha.3","v1.28.0-alpha.4","v1.28.0-beta.0","v1.28.0-rc.0","v1.28.0-rc.1","v1.28.1","v1.28.10","v1.28.11","v1.28.2","v1.28.3","v1.28.4","v1.28.5","v1.28.6","v1.28.7","v1.28.8","v1.28.9","v1.29.0","v1.29.0-alpha.0","v1.29.1","v1.29.2","v1.29.3","v1.29.4","v1.29.5","v1.29.6","v1.3.0-alpha.0","v1.3.0-alpha.1","v1.3.0-alpha.2","v1.3.0-alpha.3","v1.3.0-alpha.4","v1.3.0-alpha.5","v1.30.0","v1.30.1","v1.30.2","v1.4.0-alpha.1","v1.4.0-alpha.2","v1.4.0-alpha.3","v1.5.0-alpha.0","v1.5.0-alpha.1","v1.5.0-alpha.2","v1.6.0-alpha.0","v1.6.0-alpha.1","v1.6.0-alpha.2","v1.6.0-alpha.3","v1.7.0-alpha.0","v1.7.0-alpha.1","v1.7.0-alpha.2","v1.7.0-alpha.3","v1.7.0-alpha.4","v1.8.0-alpha.0","v1.8.0-alpha.1","v1.8.0-alpha.2","v1.8.0-alpha.3","v1.9.0-alpha.0","v1.9.0-alpha.1","v1.9.0-alpha.2","v1.9.0-alpha.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-10220.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}