
25 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2023-57723

Malicious code in bioql PyPI...

CVSS 7.2 | AI score 5.8 | EPSS 0.00559
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-3306

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.3 | EPSS 0.00774
Exploits: 0 | References: 11

OSV
added 2025/09/19 1:13 p.m. | 2 views

OESA-2025-2318 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

CVSS 6.7 | AI score 6.9 | EPSS 0.00042
Exploits: 0 | References: 2

OSV
added 2025/09/12 2:26 p.m. | 1 view

OESA-2025-2283 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

CVSS 6.7 | AI score 6.9 | EPSS 0.00042
Exploits: 0 | References: 2

OSV
added 2025/09/12 2:26 p.m. | 3 views

OESA-2025-2280 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

CVSS 6.7 | AI score 6.9 | EPSS 0.00042
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-4563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the...

CVSS 2.7 | AI score 7.8 | EPSS 0.00112
Exploits: 0 | References: 2

RedhatCVE
added 2025/08/29 3:5 a.m. | 1 view

CVE-2025-5187

A vulnerability was found in the kube-apiserver's NodeRestriction admission controller, where node users can delete their corresponding node object by setting their own OwnerReference to a cluster-scoped resource. This flaw allows an attacker to delete and recreate its node object, leading to the...

CVSS 6.7 | AI score 6.3 | EPSS 0.00042
Exploits: 0 | References: 4

Snyk
added 2025/08/27 4:47 p.m. | 1 view

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller. An attacker can cause unauthorized deletion of node objects by patching them with an OwnerReference to a cluster-scoped resource, resulting in the node being deleted...

CVSS 8.6 | AI score 6.9 | EPSS 0.00042
Exploits: 0 | References: 2

Cvelist
added 2025/08/27 4:20 p.m. | 5 views

CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

CVSS 6.7 | EPSS 0.00042
Exploits: 0 | References: 2

Vulnrichment
added 2025/08/27 4:20 p.m. | 1 view

CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

CVSS 6.7 | AI score 6 | EPSS 0.00042
Exploits: 0 | References: 2

Positive Technologies
added 2025/08/11 12:0 a.m. | 2 views

PT-2025-33265

Name of the Vulnerable Software and Affected Versions: kube-apiserver versions 1.31.11 and earlier kube-apiserver versions 1.32.7 and earlier kube-apiserver versions 1.33.3 and earlier Description: Compromised nodes can delete themselves and relabel via OwnerReferences. An attacker who has gained...

CVSS 9.9 | AI score 6.3 | EPSS 0.50933
Exploits: 20 | References: 72

SUSE CVE
added 2025/06/23 11:21 p.m. | 2 views

SUSE CVE-2025-4563

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...

CVSS 2.7 | AI score 7 | EPSS 0.00112
Exploits: 0 | References: 3

Snyk
added 2025/06/23 6:30 p.m. | 1 view

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...

CVSS 5.1 | AI score 6.9 | EPSS 0.00112
Exploits: 0 | References: 2

Snyk
added 2025/06/23 6:30 p.m. | 2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller process. An attacker can access unauthorized dynamic resources by creating mirror pods during pod creation when the DynamicResourceAllocation feature gate is enabled...

CVSS 5.1 | AI score 6.9 | EPSS 0.00112
Exploits: 0 | References: 2

OSV
added 2025/06/23 4:15 p.m. | 1 view

DEBIAN-CVE-2025-4563

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...

CVSS 2.7 | AI score 6.2 | EPSS 0.00112
Exploits: 0 | References: 1

OSV
added 2025/06/23 4:15 p.m. | 1 view

AZL-64304 CVE-2025-4563 affecting package kubernetes for versions less than 1.30.10-9

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...

CVSS 2.7 | AI score 7.2 | EPSS 0.00112
Exploits: 0 | References: 1

OSV
added 2025/06/23 4:15 p.m. | 0 views

UBUNTU-CVE-2025-4563

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to...

CVSS 2.7 | AI score 6.6 | EPSS 0.00112
Exploits: 0 | References: 3

Tenable Nessus
added 2024/07/03 12:0 a.m. | 25 views

CBL Mariner 2.0 Security Update: kubernetes (CVE-2023-5408)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5408 advisory. - A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api serv...

CVSS 7.2 | AI score 6 | EPSS 0.00559
Exploits: 0 | References: 2

IBM Security Bulletins
added 2024/02/05 11:44 a.m. | 30 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2023-5408)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that may allow an attacker to modify restricted node labels and bypass the node restriction admission plugin CVE-2023-5408. Vulnerability Details CVEID: CVE-2023-5408 Description: OpenShift...

CVSS 7.2 | AI score 7.2 | EPSS 0.00559
Exploits: 0 | Affected Software: 1

OSV
added 2023/11/02 3:15 a.m. | 0 views

AZL-31786 CVE-2023-5408 affecting package kubernetes for versions less than 1.28.4-5

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the clust...

CVSS 7.2 | AI score 7.1 | EPSS 0.00559
Exploits: 0 | References: 1