12 matches found
Security Bulletin: Astronomer with IBM is vulnerable to authorization bypass due to the Kubernetes NodeRestriction functionality (CVE-2025-4563)
Summary Kubernetes is used by Astronomer with IBM as part of overall processing and deployment. Vulnerability Details CVEID:CVE-2025-4563 DESCRIPTION: A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When t...
Fedora: Security Advisory (FEDORA-2025-509fc3c663)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-4563 vulnerabilities
Vulnerabilities for packages: docker-machine-driver-harvester, rancher-system-agent, node-feature-discovery, rancher-agent, rancher, vcluster, azuredisk-csi, calico, emissary, rancher-fleet, yunikorn-k8shim, azurefile-csi, argo-cd, cloud-provider-gcp-cloud-controller-manager,...
CVE-2025-4563 vulnerabilities
Vulnerabilities for packages: argo-cd-fips, node-feature-discovery, rancher-system-agent, yunikorn-k8shim-fips, cloud-provider-gcp-cloud-controller-manager-fips, emissary, yunikorn-k8shim, blob-csi-fips, cloud-provider-gcp-cloud-controller-manager, argo-cd, cluster-autoscaler-fips,...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563
A flaw was found in the Kubernetes NodeRestriction admission controller when the DynamicResourceAllocation feature is enabled. While this controller properly validates resource claims during pod status updates, it fails to apply the same validation during pod creation. This oversight allows a...
Fedora 43 : kubernetes1.32 (2025-4df998d449)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4df998d449 advisory. Automatic update for kubernetes1.32-1.32.6-1.fc43. Changelog Thu Jun 19 2025 Bradley G Smith - 1.32.6-1 - Update to release v1.32.6 - Resolves:...