All intelligence
// vulnerability record
live · NVDCVE-2025-1767
MEDIUMpublished 2025-03-13 17:15 UTC · 1 year ago · modified 2026-06-17 08:39 UTC
6.5
CVSS / 10
// description
This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
// weaknesses (CWE)
- CWE-20