mcp-server-kubernetes 2.9.7

Direct Vulnerabilities

Known vulnerabilities in the mcp-server-kubernetes package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Arbitrary Argument Injection mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl Affected versions of this package are vulnerable to Arbitrary Argument Injection through the `startPortForward` function in `src/tools/port_forward.ts`. An attacker can inject additional `kubectl` flags by supplying crafted `namespace`, `resourceType`, or `resourceName` values when starting a port-forward, causing the tool to run `kubectl` with attacker-controlled arguments. This can redirect the port-forward to unintended resources or alter `kubectl` behavior, leading to unauthorized access to cluster resources and disruption of the user’s port-forward session. How to fix Arbitrary Argument Injection? Upgrade `mcp-server-kubernetes` to version 3.5.0 or higher.	>=1.0.0 <3.5.0
H Arbitrary Command Injection mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl Affected versions of this package are vulnerable to Arbitrary Command Injection via the `exec_in_pod` tool. An attacker can execute arbitrary commands within Kubernetes pods by supplying crafted input containing shell meta-characters, which are interpreted by the shell due to lack of input validation. Note: This can be exploited either directly by users with access to the tool interface or indirectly by embedding malicious instructions in pod logs that may be executed by AI agents. How to fix Arbitrary Command Injection? Upgrade `mcp-server-kubernetes` to version 2.9.8 or higher.	<2.9.8

Vulnerability

Vulnerable Version

Arbitrary Argument Injection

mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl

Affected versions of this package are vulnerable to Arbitrary Argument Injection through the startPortForward function in src/tools/port_forward.ts. An attacker can inject additional kubectl flags by supplying crafted namespace, resourceType, or resourceName values when starting a port-forward, causing the tool to run kubectl with attacker-controlled arguments. This can redirect the port-forward to unintended resources or alter kubectl behavior, leading to unauthorized access to cluster resources and disruption of the user’s port-forward session.

How to fix Arbitrary Argument Injection?

Upgrade mcp-server-kubernetes to version 3.5.0 or higher.

>=1.0.0 <3.5.0

Arbitrary Command Injection

mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl

Affected versions of this package are vulnerable to Arbitrary Command Injection via the exec_in_pod tool. An attacker can execute arbitrary commands within Kubernetes pods by supplying crafted input containing shell meta-characters, which are interpreted by the shell due to lack of input validation.

Note:

This can be exploited either directly by users with access to the tool interface or indirectly by embedding malicious instructions in pod logs that may be executed by AI agents.

How to fix Arbitrary Command Injection?

Upgrade mcp-server-kubernetes to version 2.9.8 or higher.

<2.9.8

mcp-server-kubernetes@2.9.7

MCP server for interacting with Kubernetes clusters via kubectl

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically