GO-2025-4240 — Vulnetix

GO-2025-4240 PUBLISHED

Half-blind Server Side Request Forgery in kube-controller-manager through in-tree Portworx StorageClass in k8s.io/kubernetes

Affected Products

Vendor	Product	Versions
k8s.io	kubernetes	0, 1.34.0-alpha.0, 1.33.0-alpha.0