CNNVD-202509-2297 Information

CNNVD ID

CNNVD-202509-2297

Related CVE

CVE-2025-9708

• CNNVD Published: 2025-09-16

Description (Chinese)

Kubernetes（K8s）是Kubernetes开源的一个开源系统，用于自动部署、扩展和管理容器化应用程序。 Kubernetes存在安全漏洞，该漏洞源于证书验证逻辑未正确验证信任链，可能导致中间人攻击和API冒充。

Description (English)

Kubernetes (K8s) is an open-source system for the automatic deployment, extension and management of containerization applications in Kubernetes. There is a security loophole in Kubernetes, which stems from the certificate certification logic ’ s incorrect validation of the chain of trust, which may lead to an attack by an intermediary and to an API impersonation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

酷狗

Published

2025-09-16

Last Modified

2026-02-24

References

https://github.com/kubernetes/kubernetes/issues/134063 https://groups.google.com/g/kubernetes-security-announce/c/rLopt2Msvbw/m/rK6XeNw2CgAJ

Patch

https://github.com/kubernetes/kubernetes/releases