5 matches found
CVE-2025-46599 vulnerabilities
Vulnerabilities for packages: k3s...
CVE-2025-46599 vulnerabilities
Vulnerabilities for packages: rke2-runtime, rke2-runtime-fips, k3s...
CVE-2025-46599
CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...
CVE-2025-46599
CVE-2025-46599 affects CNCF K3s 1.32 before 1.32.4-rc1+k3s1. The issue is a kubelet configuration change that, in some scenarios, leaves ReadOnlyPort at 10255, potentially allowing unauthenticated access and exposure of credentials. The CVE’s public details indicate the impact is credentials expo...
CVE-2025-46599
CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...