Kubernetes has recently experienced two serious vulnerabilities, CVE-2019-11247 and CVE-2019-11249, which can be exploited for directory traversal attacks and for bypassing the security permissions enforced through role-based access control (RBAC). These issues arise from insufficient security configurations, such as incorrect or missing path sanitization in the kubectl cp operation, which allows malicious actors to manipulate file systems outside their intended scope. To remediate these vulnerabilities, users are advised to upgrade to a patched version of Kubernetes, to remove wildcard role definitions for resources or apiGroups if upgrading is not possible, and to avoid removing RBAC from clusters, as this would introduce an even larger security risk. By taking these steps, users can protect their Kubernetes clusters from these serious vulnerabilities.
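
One way to find the wildcard role definitions mentioned above, as an added example that is not from the original page or the Kubernetes project: it scans Role and ClusterRole objects for `*` in `apiGroups` or `resources`. It assumes the input is the JSON printed by `kubectl get roles,clusterroles --all-namespaces -o json`; the sample roles and function names are constructed for illustration, and flagging `*/<subresource>` entries goes slightly beyond the page's wording.

```python
import json
import sys

# Constructed sample, shaped like the List object that
# `kubectl get roles,clusterroles --all-namespaces -o json` prints.
SAMPLE = {"kind": "List", "items": [
    {"kind": "Role", "metadata": {"namespace": "team-a", "name": "dev-all"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"namespace": "team-a", "name": "pod-reader"},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"namespace": "team-b", "name": "crd-editor"},
     "rules": [{"apiGroups": ["example.com"], "resources": ["widgets"], "verbs": ["update"]},
               {"apiGroups": ["example.com"], "resources": ["*"], "verbs": ["get"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "empty"}, "rules": None},
    {"kind": "ClusterRole", "metadata": {"name": "health"},
     "rules": [{"nonResourceURLs": ["/healthz"], "verbs": ["get"]}]},
]}


def is_wildcard(field, value):
    """True for "*", and for "*/<subresource>" entries in `resources`."""
    return value == "*" or (field == "resources" and value.startswith("*/"))


def wildcard_rules(role_list):
    """Return (kind, namespace, name, rule_index, fields) per rule with a wildcard."""
    findings = []
    for item in role_list.get("items", []):
        if item.get("kind") not in ("Role", "ClusterRole"):
            continue
        meta = item.get("metadata", {})
        # `rules` may be null (a role with no rules) and a rule may carry only
        # nonResourceURLs, so every lookup falls back to an empty list.
        for idx, rule in enumerate(item.get("rules") or []):
            fields = [f for f in ("apiGroups", "resources")
                      if any(is_wildcard(f, v) for v in rule.get(f) or [])]
            if fields:
                findings.append((item["kind"], meta.get("namespace", ""),
                                 meta.get("name", ""), idx, fields))
    return findings


if __name__ == "__main__":
    # Pass "-" to read kubectl's JSON from stdin; otherwise scan the sample.
    data = json.load(sys.stdin) if "-" in sys.argv[1:] else SAMPLE
    for kind, ns, name, idx, fields in wildcard_rules(data):
        print(f"{kind} {ns + '/' if ns else ''}{name} rule[{idx}]: wildcard in {', '.join(fields)}")
```

Each finding names the role and the rule index, so the rule can be rewritten with an explicit list of API groups and resources.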