SUSE CVE-2025-32777

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

GO-2025-3656 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin in volcano.sh/volcano

Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin in volcano.sh/volcano...

CVE-2025-32777

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when using either the Elastic service or the extender plugin. An attacker can cause the scheduler to crash or become completely unavailable to the cluster. This is only exploitable if...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when using either the Elastic service or the extender plugin. An attacker can cause the scheduler to crash or become completely unavailable to the cluster. This is only exploitable if...

CVE-2025-32777 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

CVE-2025-32777 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

Impact This issue allows an attacker who has compromised either the Elastic service or the extender plugin to cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the...

GHSA-HG79-FW4P-25P8 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

Impact This issue allows an attacker who has compromised either the Elastic service or the extender plugin to cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the...

AWS VDP: Non-Production API Endpoints for the DocumentDB Elastic Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The DocumentDB Elastic service was found to have three non-production API endpoints that could be accessed using standard IAM credentials without logging to CloudTrail. This allowed for silent permission enumeration, where an adversary could determine the permissions of compromised credentials...