19 matches found
Security Bulletin: Astronomer with IBM is vulnerable to authorization bypass due to the Kubernetes NodeRestriction functionality (CVE-2025-4563)
Summary Kubernetes is used by Astronomer with IBM as part of overall processing and deployment. Vulnerability Details CVEID:CVE-2025-4563 DESCRIPTION: A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When t...
EUVD-2025-18894
Malicious code in bioql PyPI...
Nodes can bypass dynamic resource allocation authorization checks
...
Linux Distros Unpatched Vulnerability : CVE-2025-4563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the...
GO-2025-3774 Kubernetes allows nodes to bypass dynamic resource allocation authorization checks in k8s.io/kubernetes
Kubernetes allows nodes to bypass dynamic resource allocation authorization checks in k8s.io/kubernetes...
SUSE CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
DEBIAN-CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
AZL-64304 CVE-2025-4563 affecting package kubernetes for versions less than 1.30.10-9
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
UBUNTU-CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563
CVE-2025-4563 describes a vulnerability in the NodeRestriction admission controller where, with the DynamicResourceAllocation feature gate enabled, resource validation is performed on pod status updates but not on pod creation. This can allow a compromised node to create mirror pods that access u...
CVE-2025-4563
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks
A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...
Kubernetes 安全漏洞
Kubernetes K8s is an open source system from Kubernetes Open Source for automating the deployment, scaling, and management of containerized applications. A security vulnerability exists in Kubernetes that stems from insufficient authorization checking for dynamic resource allocation by the...