apk package
wolfi/k3s-static
pkg:apk/wolfi/k3s-static
Vulnerabilities (102)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-32187 | — | < 1.27.5-r0 | 1.27.5-r0 | Sep 18, 2023 | An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s | ||
| CVE-2023-3978 | — | < 1.28.2-r1 | 1.28.2-r1 | Aug 2, 2023 | Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. |
- CVE-2023-32187Sep 18, 2023affected < 1.27.5-r0fixed 1.27.5-r0
An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s
- CVE-2023-3978Aug 2, 2023affected < 1.28.2-r1fixed 1.28.2-r1
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Page 6 of 6