2 matches found
CNCF K3s Kubernetes kubelet configuration exposes credentials
CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...
CVE-2025-0426
A flaw was found in Kubernetes. A large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may fill the Node's disk, potentially leading to a Node denial of service. Mitigation To mitigate this vulnerability, disable the kubelet read-only port by...