58 matches found
RHCOS 4 : OpenShift Container Platform 4.4.8 openshift (RHSA-2020:2448)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2448 advisory. - kubernetes: Server side request forgery SSRF in kube-controller-manager allows users to leak secret information CVE-2020-8555 Note that...
RHCOS 4 : OpenShift Container Platform 4.2.36 openshift (RHSA-2020:2594)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2594 advisory. - kubernetes: Server side request forgery SSRF in kube-controller-manager allows users to leak secret information CVE-2020-8555 Note that...
GO-2025-4240 Half-blind Server Side Request Forgery in kube-controller-manager through in-tree Portworx StorageClass in k8s.io/kubernetes
Half-blind Server Side Request Forgery in kube-controller-manager through in-tree Portworx StorageClass in k8s.io/kubernetes...
Portworx Half-Blind SSRF in kube-controller-manager
...
CVE-2025-13281
A half-blind Server-Side Request Forgery SSRF found in kube-controller-manager that can be triggered when using the legacy in-tree Portworx StorageClass. An authorized user with sufficient privileges can cause the controller to make requests to internal, host-network–accessible endpoints,...
EUVD-2025-203310
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
DEBIAN-CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
AZL-72386 CVE-2025-13281 affecting package kubernetes for versions less than 1.28.4-21
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the kube-controller-manager when using the in-tree Portworx StorageClass. An attacker can access sensitive information from unprotected endpoints within the control plane's host network, including...
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281
The CVE-2025-13281 entry describes a half-blind SSRF in kube-controller-manager when using the in-tree Portworx StorageClass. Affected: Kubernetes kube-controller-manager components handling Portworx StorageClass, with information disclosure risk by leaking data from unprotected endpoints in the ...
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
OESA-2025-2819 kubernetes security update
Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...
OESA-2025-2818 kubernetes security update
Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...
OESA-2025-2817 kubernetes security update
Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...
OESA-2025-2816 kubernetes security update
Container cluster management. Security Fixes: A vulnerability was found in Kubernetes kube-controller-manager up to versions 1.30.14, 1.31.14, 1.32.9, 1.33.5 and 1.34.1. It has been classified as CWE-918 Server-Side Request Forgery. The web server receives a URL or similar request from an upstrea...
EUVD-2024-3260
Malicious code in bioql PyPI...