Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-016823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016823 advisory. A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching...

Security Bulletin: Astronomer with IBM is vulnerable to object abuse due to Kubernetes (CVE-2025-5187)

Summary Kubernetes is used by Astronomer with IBM as part of service management functionality. Vulnerability Details CVEID:CVE-2025-5187 DESCRIPTION: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node obje...

Security Bulletin: Astronomer with IBM is vulnerable to authorization bypass due to the Kubernetes NodeRestriction functionality (CVE-2025-4563)

Summary Kubernetes is used by Astronomer with IBM as part of overall processing and deployment. Vulnerability Details CVEID:CVE-2025-4563 DESCRIPTION: A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When t...

EUVD-2025-18894

Malicious code in bioql PyPI...

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2025-5187)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that may allow node users to delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. CVE-2025-5187. Vulnerability Details CVEID:...

OESA-2025-2284 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

OESA-2025-2282 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

OESA-2025-2281 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

SUSE CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

GHSA-4X4M-3C2P-QPPC Kubernetes Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Kubernetes Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

DEBIAN-CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller. An attacker can cause unauthorized deletion of node objects by patching them with an OwnerReference to a cluster-scoped resource, resulting in the node being deleted...

CVE-2025-5187

CVE-2025-5187 is a Kubernetes NodeRestriction vulnerability: node users can delete their own node object by patching an OwnerReference to a cluster-scoped resource, leading to potential node deletion if the OwnerReference resource is missing or GC removes it. The IBM bulletin notes this CVE (alon...

CVE-2025-5187

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Kubernetes 安全漏洞

Kubernetes K8s is an open source system for automating the deployment, scaling, and management of containerized applications from the Kubernetes open source. A security vulnerability exists in Kubernetes that stems from mishandling of the NodeRestriction access controller, which could lead to nod...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...

CVE-2025-4563

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...