{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T07:43:58.094","vulnerabilities":[{"cve":{"id":"CVE-2025-58061","sourceIdentifier":"security-advisories@github.com","published":"2025-08-28T22:15:32.773","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The rawfile-localpv storage class creates persistent volume data under /var/csi/rawfile/ on Kubernetes hosts by default. However, the directory and data in it are world-readable. It allows non-privileged users to access the whole persistent volume data, and those can include sensitive information such as a whole database if the Kubernetes tenants are running MySQL or PostgreSQL in a container so it could lead to a database breach. This issue has been patched in version 0.10.0."},{"lang":"es","value":"OpenEBS Local PV RawFile permite la implementación dinámica de volúmenes y sistemas de archivos persistentes con estado, locales al nodo, para Kubernetes. Antes de la versión 0.10.0, los datos del volumen persistente son legibles por cualquier usuario y eso permitiría a usuarios no privilegiados acceder a datos sensibles como las bases de datos de la carga de trabajo de k8s. La clase de almacenamiento rawfile-localpv crea datos de volumen persistente bajo /var/csi/rawfile/ en los hosts de Kubernetes por defecto. Sin embargo, el directorio y los datos que contiene son legibles por cualquier usuario. Permite a usuarios no privilegiados acceder a todos los datos del volumen persistente, y estos pueden incluir información sensible como una base de datos completa si los inquilinos de Kubernetes están ejecutando MySQL o PostgreSQL en un contenedor, lo que podría llevar a una violación de la base de datos. Este problema ha sido parcheado en la versión 0.10.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://github.com/openebs/rawfile-localpv/security/advisories/GHSA-wh95-vw4r-xwx4","source":"security-advisories@github.com"}]}}]}