Medium severity (5.8) · GHSA Advisory · Published Dec 14, 2025 · Updated Apr 15, 2026

CVE-2025-13281

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                  Affected versions             Patched versions
k8s.io/kubernetes (Go)   < 1.32.10                     1.32.10
k8s.io/kubernetes (Go)   >= 1.33.0-alpha.0, < 1.33.6   1.33.6
k8s.io/kubernetes (Go)   >= 1.34.0-alpha.0, < 1.34.2   1.34.2

Affected products

327
