EUVD-2025-6386

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the...

GO-2025-3521 Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes

Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes...

CVE-2025-1767

A flaw was found in Kubernetes. This vulnerability allows a user with create pod permissions to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. Mitigation This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone...

CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

CVE-2025-1767

CVE-2025-1767 affects Kubernetes clusters using the in-tree gitRepo volume to clone git repositories from pods on the same node. The in-tree gitRepo volume feature is deprecated and will not receive security updates upstream; clusters still using this feature remain vulnerable. The connected docu...

CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

PT-2025-11205 · Unknown · Kubernetes

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has...

Arbitrary command execution through gitRepo volume

...

OESA-2024-2532 kubernetes security update

Container cluster management. Security Fixes: A vulnerability, which was classified as problematic, was found in Kubernetes up to 1.28.11/1.29.6/1.30.2 Virtualization Software. Affected is an unknown code block of the component gitRepo Volume Handler. Upgrading to version 1.28.12, 1.29.7, 1.30.3 ...

Arbitrary Command Execution

k8s.io/kubernetes is vulnerable to Arbitrary Command Execution. The vulnerability is due to improper validation and handling of gitRepo volumes in the Kubernetes kubelet component, which allows malicious actors to execute arbitrary commands by exploiting the way these volumes are processed...

CVE-2024-10220 Arbitrary command execution through gitRepo volume

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...

CVE-2024-10220 Arbitrary command execution through gitRepo volume

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...