AI description
CVE-2025-1767 affects Kubernetes clusters utilizing the in-tree gitRepo volume to clone Git repositories from other pods on the same node. A user with create pod permissions could exploit gitRepo volumes to access local Git repositories belonging to other pods. The vulnerability stems from the in-tree gitRepo volume not properly isolating or validating repository paths, potentially allowing access to sensitive `.git` directories. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates, clusters using this feature remain vulnerable.
- Description
- This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.
- Source
- jordan@liggitt.net
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 5.2
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
- Severity
- MEDIUM
- jordan@liggitt.net
- CWE-20
Kubernetes CVE-2025-1767 TLDR; It's highly unlikely you need to worry about this. The prereqs:
- Cluster Access
- Knowledge of the path of a local Git repository used by another pod on the same node
- Create pod permissions on the node

https://t.co/eE3aR8h7rB
@GrahamHelton3
14 Mar 2025
CVE-2025-1767 - Another gitrepo issue https://t.co/oPvNSSgys7
@Dinosn
14 Mar 2025
CVE-2024-9042 MEDIUM (5.9) Kubernetes - Kubelet <=v1.29.12 https://t.co/s8rb7blQx2 https://t.co/RWSAxwkpRO
CVE-2025-1767 MEDIUM (6.5) Kubernetes - Kubelet <=v1.32.2 https://t.co/fdCJdY5xAl https://t.co/pmz96tY8ia
https://t.co/FCNJ8rT55
@gothburz
14 Mar 2025
CVE-2025-1767 This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitR… https://t.co/4GKXLMDwSP
@CVEnew
13 Mar 2025