[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-10220":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":54,"related":55,"reserved_at":9,"published_at":72,"modified_at":73,"state":74,"summary":75,"references_raw":83,"kevs":123,"epss":124,"epss_history":127,"metrics":385,"affected":398},"CVE-2024-10220","The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[42,43],"GHSA-27wf-5967-98gx","GO-2024-3286",[],[46,48,50,52],{"_key":47},"UBUNTU-CVE-2024-10220",{"_key":49},"OPENSUSE-SU-2024:14567-1",{"_key":51},"MGASA-2024-0389",{"_key":53},"DEBIAN-CVE-2024-10220",[],[56,57,58,60,62,64,66,68,70],{"_key":49},{"_key":51},{"_key":59},"CGA-5G6X-3RJ5-VM63",{"_key":61},"CGA-8FFJ-5FMX-J87H",{"_key":63},"CGA-JP33-457G-MQFH",{"_key":65},"CGA-MGFP-FW74-782V",{"_key":67},"CGA-QVPH-279V-QP3P",{"_key":69},"CGA-W2F2-F9FV-696M",{"_key":71},"CGA-QV2R-M637-RW2F","2024-11-22T16:23:00.535Z","2024-11-25T18:22:59.457Z","Deferred",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":77,"epss_score":78,"severity":77,"severity_score":79,"severity_version":80,"severity_source":81,"severity_vector":82,"severity_status":74},false,"high",0.39569,8.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",[84,92,97,101,106,110,115,119],{"url":85,"sources":86,"tags":89},"https://github.com/kubernetes/kubernetes/issues/128885",[81,87,88],"nvd","osv_go",[90,91],"Issue Tracking","WEB",{"url":93,"sources":94,"tags":95},"https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko",[81,87,88],[96,91],"Mailing List",{"url":98,"sources":99,"tags":100},"http://www.openwall.com/lists/oss-security/2024/11/20/1",[81,87,88],[91],{"url":102,"sources":103,"tags":104},"https://nvd.nist.gov/vuln/detail/CVE-2024-10220",[88],[105],"Advisory",{"url":107,"sources":108,"tags":109},"https://github.com/kubernetes/kubernetes/commit/1ab06efe92d8e898ca1931471c9533ce94aba29b",[88],[91],{"url":111,"sources":112,"tags":113},"https://github.com/kubernetes/kubernetes",[88],[114],"PACKAGE",{"url":116,"sources":117,"tags":118},"https://pkg.go.dev/vuln/GO-2024-3286",[88],[91],{"url":120,"sources":121,"tags":122},"https://github.com/advisories/GHSA-27wf-5967-98gx",[88],[105],[],{"date":125,"score":78,"percentile":126},"2026-06-04",0.97383,[128,132,135,138,141,143,145,147,149,151,154,157,159,162,164,168,171,174,177,180,183,185,188,191,194,197,200,202,206,209,212,214,217,220,222,225,228,231,234,237,239,242,245,248,251,254,256,259,261,264,266,269,272,275,278,281,285,289,292,296,299,302,305,309,312,314,317,320,323,325,328,331,334,337,340,343,346,348,351,354,357,360,363,366,369,371,374,376,378,381],{"date":129,"score":130,"percentile":131},"2025-11-04",0.22805,0.95635,{"date":133,"score":130,"percentile":134},"2025-11-05",0.95634,{"date":136,"score":130,"percentile":137},"2025-11-06",0.95636,{"date":139,"score":130,"percentile":140},"2025-11-07",0.95638,{"date":142,"score":130,"percentile":131},"2025-11-08",{"date":144,"score":130,"percentile":134},"2025-11-09",{"date":146,"score":130,"percentile":134},"2025-11-10",{"date":148,"score":130,"percentile":131},"2025-11-11",{"date":150,"score":130,"percentile":140},"2025-11-12",{"date":152,"score":130,"percentile":153},"2025-11-13",0.9564,{"date":155,"score":130,"percentile":156},"2025-11-14",0.95641,{"date":158,"score":130,"percentile":140},"2025-11-15",{"date":160,"score":130,"percentile":161},"2025-11-16",0.95639,{"date":163,"score":130,"percentile":153},"2025-11-17",{"date":165,"score":166,"percentile":167},"2025-11-18",0.44406,0.97403,{"date":169,"score":166,"percentile":170},"2025-11-19",0.97404,{"date":172,"score":166,"percentile":173},"2025-11-20",0.97405,{"date":175,"score":130,"percentile":176},"2025-11-21",0.9565,{"date":178,"score":130,"percentile":179},"2025-11-22",0.95649,{"date":181,"score":130,"percentile":182},"2025-11-23",0.95647,{"date":184,"score":130,"percentile":179},"2025-11-24",{"date":186,"score":130,"percentile":187},"2025-11-25",0.95652,{"date":189,"score":130,"percentile":190},"2025-11-26",0.95653,{"date":192,"score":130,"percentile":193},"2025-11-27",0.95656,{"date":195,"score":130,"percentile":196},"2025-11-28",0.95654,{"date":198,"score":130,"percentile":199},"2025-11-29",0.95657,{"date":201,"score":130,"percentile":193},"2025-11-30",{"date":203,"score":204,"percentile":205},"2025-12-01",0.14943,0.9432,{"date":207,"score":204,"percentile":208},"2025-12-02",0.94321,{"date":210,"score":204,"percentile":211},"2025-12-03",0.94322,{"date":213,"score":130,"percentile":199},"2025-12-04",{"date":215,"score":130,"percentile":216},"2025-12-05",0.9566,{"date":218,"score":130,"percentile":219},"2025-12-06",0.95661,{"date":221,"score":130,"percentile":219},"2025-12-07",{"date":223,"score":130,"percentile":224},"2025-12-08",0.95663,{"date":226,"score":130,"percentile":227},"2025-12-09",0.95665,{"date":229,"score":130,"percentile":230},"2025-12-10",0.95669,{"date":232,"score":130,"percentile":233},"2025-12-11",0.95671,{"date":235,"score":130,"percentile":236},"2025-12-12",0.95675,{"date":238,"score":130,"percentile":236},"2025-12-13",{"date":240,"score":130,"percentile":241},"2025-12-14",0.95676,{"date":243,"score":130,"percentile":244},"2025-12-15",0.9568,{"date":246,"score":130,"percentile":247},"2025-12-16",0.95683,{"date":249,"score":130,"percentile":250},"2025-12-17",0.95685,{"date":252,"score":130,"percentile":253},"2025-12-18",0.95687,{"date":255,"score":130,"percentile":253},"2025-12-19",{"date":257,"score":130,"percentile":258},"2025-12-20",0.95689,{"date":260,"score":130,"percentile":258},"2025-12-21",{"date":262,"score":130,"percentile":263},"2025-12-22",0.95688,{"date":265,"score":130,"percentile":253},"2025-12-23",{"date":267,"score":130,"percentile":268},"2025-12-24",0.95692,{"date":270,"score":130,"percentile":271},"2025-12-25",0.95695,{"date":273,"score":130,"percentile":274},"2025-12-26",0.95696,{"date":276,"score":130,"percentile":277},"2025-12-27",0.95717,{"date":279,"score":130,"percentile":280},"2025-12-28",0.95693,{"date":282,"score":283,"percentile":284},"2025-12-29",0.32788,0.96714,{"date":286,"score":287,"percentile":288},"2025-12-30",0.27837,0.96286,{"date":290,"score":287,"percentile":291},"2025-12-31",0.96291,{"date":293,"score":294,"percentile":295},"2026-01-01",0.26383,0.96181,{"date":297,"score":294,"percentile":298},"2026-01-02",0.96177,{"date":300,"score":294,"percentile":301},"2026-01-03",0.96174,{"date":303,"score":287,"percentile":304},"2026-01-04",0.96284,{"date":306,"score":307,"percentile":308},"2026-01-05",0.27328,0.96233,{"date":310,"score":307,"percentile":311},"2026-01-06",0.96235,{"date":313,"score":307,"percentile":311},"2026-01-07",{"date":315,"score":307,"percentile":316},"2026-01-08",0.96237,{"date":318,"score":307,"percentile":319},"2026-01-09",0.9624,{"date":321,"score":307,"percentile":322},"2026-01-10",0.96242,{"date":324,"score":307,"percentile":322},"2026-01-11",{"date":326,"score":307,"percentile":327},"2026-01-12",0.96243,{"date":329,"score":307,"percentile":330},"2026-01-13",0.96241,{"date":332,"score":307,"percentile":333},"2026-01-14",0.96248,{"date":335,"score":307,"percentile":336},"2026-01-15",0.96249,{"date":338,"score":307,"percentile":339},"2026-01-16",0.96251,{"date":341,"score":307,"percentile":342},"2026-01-17",0.96254,{"date":344,"score":307,"percentile":345},"2026-01-18",0.96256,{"date":347,"score":307,"percentile":345},"2026-01-19",{"date":349,"score":307,"percentile":350},"2026-01-20",0.96257,{"date":352,"score":307,"percentile":353},"2026-01-21",0.96258,{"date":355,"score":307,"percentile":356},"2026-01-22",0.96259,{"date":358,"score":307,"percentile":359},"2026-01-23",0.96263,{"date":361,"score":307,"percentile":362},"2026-01-24",0.96265,{"date":364,"score":307,"percentile":365},"2026-01-25",0.96268,{"date":367,"score":307,"percentile":368},"2026-01-26",0.96269,{"date":370,"score":307,"percentile":368},"2026-01-27",{"date":372,"score":307,"percentile":373},"2026-01-28",0.9627,{"date":375,"score":307,"percentile":373},"2026-01-29",{"date":377,"score":307,"percentile":373},"2026-01-30",{"date":379,"score":307,"percentile":380},"2026-01-31",0.96271,{"date":382,"score":383,"percentile":384},"2026-02-01",0.2589,0.96158,[386,391,393],{"source":81,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":387,"cvss_v4_0":9},{"baseScore":79,"baseSeverity":388,"vectorString":82,"impactScore":389,"exploitabilityScore":390},"HIGH",8.7,7.2,{"source":87,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":392,"cvss_v4_0":9},{"baseScore":79,"baseSeverity":388,"vectorString":82,"impactScore":389,"exploitabilityScore":390},{"source":88,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":394,"cvss_v4_0":395},{"baseScore":79,"baseSeverity":9,"vectorString":82,"impactScore":389,"exploitabilityScore":390},{"baseScore":396,"baseSeverity":9,"vectorString":397,"impactScore":9,"exploitabilityScore":9},8.6,"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",[399,421],{"ecosystem":400,"name":401,"vendor":402,"product":403,"cpe_part":9,"purl_type":404,"purl_namespace":402,"purl_name":403,"source":9,"versions":405},"Go","k8s.io/kubernetes","k8s.io","kubernetes","golang",[406,412,417],{"version":407,"is_range":408,"range_type":409,"version_start":9,"version_start_type":9,"version_end":410,"version_end_type":411,"fixed_in":9},"lt1_28_12",true,"semver","1.28.12","excluding",{"version":413,"is_range":408,"range_type":409,"version_start":414,"version_start_type":415,"version_end":416,"version_end_type":411,"fixed_in":9},"gte1_29_0_lt1_29_7","1.29.0","including","1.29.7",{"version":418,"is_range":408,"range_type":409,"version_start":419,"version_start_type":415,"version_end":420,"version_end_type":411,"fixed_in":9},"gte1_30_0_lt1_30_3","1.30.0","1.30.3",{"ecosystem":9,"name":422,"vendor":403,"product":422,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":424},"kubelet","a",[425,428,431],{"version":426,"is_range":408,"range_type":81,"version_start":9,"version_start_type":9,"version_end":427,"version_end_type":415,"fixed_in":9},"\u003C= 1.28.11","1.28.11",{"version":429,"is_range":408,"range_type":81,"version_start":414,"version_start_type":415,"version_end":430,"version_end_type":415,"fixed_in":9},">= 1.29.0, \u003C= 1.29.6","1.29.6",{"version":432,"is_range":408,"range_type":81,"version_start":419,"version_start_type":415,"version_end":433,"version_end_type":415,"fixed_in":9},">= 1.30.0, \u003C= 1.30.2","1.30.2"]