VYPR

Go modules package

github.com/k3s-io/k3s

pkg:golang/github.com/k3s-io/k3s

Vulnerabilities (2)

  • CVE-2025-46599MedApr 25, 2025
    affected >= 1.32.0-rc1, < 1.32.4-rc1fixed 1.32.4-rc1

    CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this por

  • CVE-2023-32187Sep 18, 2023
    affected < 1.24.17fixed 1.24.17

    An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s