
4 matches found

SUSE CVE
added 2025/05/08 11:40 a.m., 2 views

SUSE CVE-2025-46599

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...

6.8 CVSS, 7.1 AI score, 0.00379 EPSS
Exploits: 0, References: 3
Snyk
added 2025/04/25 6:30 a.m., 3 views

Insecure Default Initialization of Resource

Overview: Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to the misconfiguration of the ReadOnlyPort setting. An attacker can gain unauthorized access to exposed credentials by connecting to the open port without authentication. Remediation...

6.9 CVSS, 7 AI score, 0.00379 EPSS
Exploits: 0, References: 2
AlpineLinux
added 2025/04/25 5:15 a.m., 5 views

CVE-2025-46599

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...

6.8 CVSS, 7.3 AI score, 0.00379 EPSS
Exploits: 0, References: 5
Kubernetes Security Advisories
added 2025/02/06 8:3 p.m., 6 views

Node Denial of Service via kubelet Checkpoint API

CVSS Rating: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk. Am I vulnerable?...

6.2 CVSS, 6.5 AI score, 0.00349 EPSS
Exploits: 0, Affected Software: 2