Vulnerability Report: GO-2025-3465
- CVE-2025-0426, GHSA-jgfp-53c3-624w
- Affects: k8s.io/kubernetes
- Published: Mar 03, 2025
- Modified: Dec 16, 2025
Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes
For detailed information about this vulnerability, visit https://github.com/advisories/GHSA-jgfp-53c3-624w.
Affected Packages
-
PathGo VersionsSymbols
-
before v1.29.14, from v1.30.0 before v1.30.10, from v1.31.0 before v1.31.6, from v1.32.0 before v1.32.2
Aliases
References
- https://github.com/advisories/GHSA-jgfp-53c3-624w
- http://www.openwall.com/lists/oss-security/2025/02/13/1
- https://github.com/kubernetes/kubernetes/issues/130016
- https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8
- https://vuln.go.dev/ID/GO-2025-3465.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.