Description

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.

INFO

Published Date :

2025-03-13T16:40:42.663Z

Last Modified :

2025-03-17T16:59:37.276Z

Source :

kubernetes
AFFECTED PRODUCTS

The following products are affected by CVE-2025-1767 vulnerability.

Vendors Products
Kubernetes
  • Kubelet
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-1767.

URL Resource
http://www.openwall.com/lists/oss-security/2025/03/13/9 cve-icon
https://github.com/kubernetes/kubernetes/pull/130786 cve-icon cve-icon
https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-1767 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-1767 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact