Lucene search
K

8 matches found

AlpineLinux
AlpineLinux
added 2025/04/25 5:15 a.m.5 views

CVE-2025-46599

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...

6.8CVSS7.3AI score0.00379EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.5 views

PT-2025-17879 · Cncf · K3S

Name of the Vulnerable Software and Affected Versions: CNCF K3s versions 1.32 through 1.32.4-rc1+k3s1 Description: The issue arises from a Kubernetes kubelet configuration change, which in certain situations, sets ReadOnlyPort to 10255. This could potentially allow unauthenticated access to this...

6.8CVSS6.2AI score0.00379EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.1 views

SUSE CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

5.3CVSS6.8AI score0.01141EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 1:57 a.m.23 views

GHSA-QHM4-JXV7-J9PQ Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

4.3CVSS6.3AI score0.01141EPSS
Exploits0References7
OSV
OSV
added 2020/03/27 3:15 p.m.1 views

DEBIAN-CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.6AI score0.01141EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/03/27 3:15 p.m.22 views

CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.6AI score0.01141EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/03/27 2:25 p.m.26 views

CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.5AI score0.01141EPSS
Exploits0
Veracode
Veracode
added 2020/03/25 3:23 a.m.30 views

Denial Of Service (DoS)

github.com/kubernetes/kubernetes is vulnerable to denial of service. A remote attacker is able to crash the application via a malicious request to the unauthenticated HTTP read-only API that is typically served on port 10255, and the authenticated HTTPS API typically served on port 10250...

6.5CVSS1.7AI score0.01141EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder