{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T17:58:33.290","vulnerabilities":[{"cve":{"id":"CVE-2025-1767","sourceIdentifier":"jordan@liggitt.net","published":"2025-03-13T17:15:36.437","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable."},{"lang":"es","value":"Esta CVE solo afecta a los clústeres de Kubernetes que utilizan el volumen gitRepo en el árbol para clonar repositorios git de otros pods dentro del mismo nodo. Dado que la función de volumen gitRepo en el árbol ha quedado obsoleta y no recibirá actualizaciones de seguridad, cualquier clúster que aún la utilice sigue siendo vulnerable."}],"metrics":{"cvssMetricV31":[{"source":"jordan@liggitt.net","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}]},"weaknesses":[{"source":"jordan@liggitt.net","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://github.com/kubernetes/kubernetes/pull/130786","source":"jordan@liggitt.net"},{"url":"https://groups.google.com/g/kubernetes-security-announce/c/19irihsKg7s","source":"jordan@liggitt.net"},{"url":"http://www.openwall.com/lists/oss-security/2025/03/13/9","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}