VYPR

apk package

wolfi/k3s-static-1.33

pkg:apk/wolfi/k3s-static-1.33

Vulnerabilities (87)

  • CVE-2025-52565Nov 6, 2025
    affected < 1.33.5.1-r2fixed 1.33.5.1-r2

    runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the conta

  • CVE-2025-31133Nov 6, 2025
    affected < 1.33.5.1-r2fixed 1.33.5.1-r2

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container

  • CVE-2024-25621Nov 6, 2025
    affected < 0fixed 0

    containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd

  • CVE-2025-59530HigOct 10, 2025
    affected < 1.33.5.1-r1fixed 1.33.5.1-r1

    quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service (DoS) attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requir

  • CVE-2025-54410Jul 30, 2025
    affected < 1.33.10.1-r5fixed 1.33.10.1-r5

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fail

  • CVE-2025-46599MedApr 25, 2025
    affected < 0fixed 0

    CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this por

  • CVE-2024-36623Nov 29, 2024
    affected < 1.33.10.1-r5fixed 1.33.10.1-r5

    moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.

Page 5 of 5