CNNVD-202506-2970 Information

CNNVD ID

CNNVD-202506-2970

Related CVE

CVE-2025-4563

• CNNVD Published: 2025-06-23

Description (Chinese)

Kubernetes（K8s）是Kubernetes开源的一个开源系统，用于自动部署、扩展和管理容器化应用程序。 Kubernetes存在安全漏洞，该漏洞源于NodeRestriction准入控制器动态资源分配授权检查不足，可能导致权限提升。

Description (English)

Kubernetes (K8s) is an open-source system for the automatic deployment, extension and management of containerization applications in Kubernetes. There is a security loophole in Kubernetes, which stems from inadequate monitoring of the NodeRestraction Access controller ’ s dynamic resource allocation authorization, which may lead to enhanced privileges.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Kubernetes

Published

2025-06-23

Last Modified

2026-02-24

References

https://github.com/kubernetes/kubernetes/issues/132151 https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ

Patch

https://kubernetes.io/releases/