CVE-2026-24005

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since...

CVE-2026-24005 OpenKruise PodProbeMarker is Vulnerable to SSRF via Unrestricted Host Field

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since...

PT-2026-21979

Name of the Vulnerable Software and Affected Versions Kruise versions prior to 1.8.3 Kruise versions prior to 1.7.5 Description Kruise allows automated management of applications on Kubernetes. A flaw exists in the PodProbeMarker functionality where the webhook validation does not restrict the...

SUSE CVE-2020-8558

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...

UBUNTU-CVE-2020-8558

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...