CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/0xxx/CVE-2025-0426.json",
    "cwe_ids": [
        "CWE-400"
    ],
    "cna_assigner": "kubernetes"
}

References

Affected packages

Git / github.com/kubernetes/kubernetes

Affected ranges

Type

GIT

Repo

https://github.com/kubernetes/kubernetes

Events

Introduced

70d3cc986aa8221cd1dfb1121852688902d3bf53

Last affected

e9c9be4007d1664e68796af02b8978640d2c1b26

Introduced

9edcffcde5595e8a5b1a35f88c421764e575afce

Last affected

af64d838aacd9173317b39cf273741816bd82377

Introduced

7c48c2bd72b9bf5c44d21d7338cc7bea77d0ad2a

Last affected

a87cd6906120a367bf6787420e943103a463acba

Database specific

{
    "extracted_events": [
        {
            "introduced": "1.32.0"
        },
        {
            "last_affected": "1.32.1"
        },
        {
            "introduced": "1.31.0"
        },
        {
            "last_affected": "1.31.5"
        },
        {
            "introduced": "1.30.0"
        },
        {
            "last_affected": "1.30.9"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

v1.*

v1.30.0

v1.30.1

v1.30.2

v1.30.3

v1.30.4

v1.30.5

v1.30.6

v1.30.7

v1.30.8

v1.30.9

v1.31.0

v1.31.1

v1.31.2

v1.31.3

v1.31.4

v1.31.5

v1.32.0

v1.32.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-0426.json"