VYPR

rpm package

opensuse/kubernetes1.29&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kubernetes1.29&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2025-1767MedMar 13, 2025
    affected < 1.29.15-1.1fixed 1.29.15-1.1

    This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using t

  • CVE-2025-0426MedFeb 13, 2025
    affected < 1.29.14-1.1fixed 1.29.14-1.1

    A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

  • CVE-2023-45288HigApr 4, 2024
    affected < 1.29.4-1.1fixed 1.29.4-1.1

    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma

  • CVE-2024-24786HigMar 5, 2024
    affected < 1.29.3-1.1fixed 1.29.3-1.1

    The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.