Vulnerabilities

CVE-2025-13281

by Fred · 14/12/2025

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

More information : https://github.com/kubernetes/kubernetes/issues/135525

Similar

Tags: Cybersecurity Alert