CVE-2025-13281

Опубликовано: 30 дек. 2025

Источник: msrc

CVSS3: 5.8

EPSS Низкий

Описание

Portworx Half-Blind SSRF in kube-controller-manager

EPSS

Процентиль: 1%

0.00012

Низкий

5.8 Medium

CVSS3

Связанные уязвимости

CVE-2025-13281

CVSS3: 5.8

ubuntu

около 2 месяцев назад

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

CVE-2025-13281

CVSS3: 5.8

nvd

около 2 месяцев назад

CVE-2025-13281

CVSS3: 5.8

debian

около 2 месяцев назад

A half-blind Server Side Request Forgery (SSRF) vulnerability exists i ...

GHSA-r6j8-c6r2-37rr

CVSS3: 5.8

github

около 2 месяцев назад

kube-controller-manager is vulnerable to half-blind Server Side Request Forgery through in-tree Portworx StorageClass

EPSS

Процентиль: 1%

0.00012

Низкий

5.8 Medium

CVSS3