CVE-2025-1767

Published Mar 13, 2025

Last updated 5 months ago

CVSS medium 6.5
Kubernetes

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-1767 affects Kubernetes clusters utilizing the in-tree gitRepo volume to clone Git repositories from other pods on the same node. A user with create pod permissions could exploit gitRepo volumes to access local Git repositories belonging to other pods. The vulnerability stems from the in-tree gitRepo volume not properly isolating or validating repository paths, potentially allowing access to sensitive `.git` directories. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates, clusters using this feature remain vulnerable.
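
An added example, not part of the CVE record or of Kubernetes itself: a defender-side audit that reads pod objects in the shape of `kubectl get pods -A -o json` and lists every in-tree gitRepo volume, marking those whose repository is a node-local path rather than a remote URL. The pod names, the paths and the local-path heuristic are assumptions constructed for illustration.

```python
import json
import sys

REMOTE_SCHEMES = ("https://", "http://", "ssh://", "git://")

def is_local_repository(repository):
    """Heuristic (assumption): True when the gitRepo source looks like a filesystem path."""
    repo = repository.strip()
    if repo.startswith("file://"):
        return True
    if repo.startswith(REMOTE_SCHEMES):
        return False
    # scp-style remotes (user@host:path) carry a colon before the first slash.
    return ":" not in repo.split("/", 1)[0]

def find_gitrepo_volumes(pod_list):
    """Return one finding per gitRepo volume found in a PodList-shaped dict."""
    findings = []
    for pod in pod_list.get("items", []):
        meta = pod.get("metadata", {})
        for vol in pod.get("spec", {}).get("volumes") or []:
            git = vol.get("gitRepo")
            if git is None:
                continue
            repo = git.get("repository", "")
            findings.append({
                "namespace": meta.get("namespace", "default"),
                "pod": meta.get("name", ""),
                "volume": vol.get("name", ""),
                "repository": repo,
                "local_path": is_local_repository(repo),
            })
    return findings

# Constructed sample input; names and paths are illustrative only.
SAMPLE_PODS = {"items": [
    {"metadata": {"namespace": "ci", "name": "builder"},
     "spec": {"volumes": [{"name": "src", "gitRepo": {
         "repository": "https://git.example.invalid/team/app.git"}}]}},
    {"metadata": {"namespace": "dev", "name": "sidecar-test"},
     "spec": {"volumes": [{"name": "repo", "gitRepo": {
         "repository": "/constructed/path/to/other-pod/repo"}}]}},
    {"metadata": {"namespace": "dev", "name": "cache"},
     "spec": {"volumes": [{"name": "tmp", "emptyDir": {}}]}},
]}

if __name__ == "__main__":
    pods = SAMPLE_PODS if sys.stdin.isatty() else json.load(sys.stdin)
    for f in find_gitrepo_volumes(pods):
        tag = "LOCAL-PATH" if f["local_path"] else "remote"
        print(f'{tag:10} {f["namespace"]}/{f["pod"]} {f["volume"]} {f["repository"]}')
```

Every gitRepo volume is reported because the feature is deprecated; the `LOCAL-PATH` rows are the ones that match the scenario this CVE describes.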

Description: This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.
Source: jordan@liggitt.net
NVD status: Received

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.5
Impact score: 5.2
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Severity: MEDIUM

Weaknesses

jordan@liggitt.net: CWE-20

Social media

  1. This post analyzes CVE-2025-1767, a Kubernetes vulnerability where gitRepo volumes let pods clone any host-local Git repo if the attacker knows the path ➤ https://t.co/uoUUzBag8B

    @kubesploit

    24 Jul 2025


  2. This post analyzes CVE-2025-1767, a Kubernetes vulnerability where gitRepo volumes let pods clone any host-local Git repo if the attacker knows the path ➜ https://t.co/uoUUzBag8B

    @kubesploit

    24 Jun 2025


  3. CVE-2025-1767 - Another gitrepo issue https://t.co/CwEN4NlRPq #kubernetes #k8s #gitrepo

    @jvela

    30 Mar 2025


  4. Kubernetes CVE-2025-1767 TLDR; It's highly unlikely you need to worry about this. The prereqs: - Cluster Access - Knowledge of the path of a local Git repository used by another pod on the same node - Create pod permissions on the node https://t.co/eE3aR8h7rB

    @GrahamHelton3

    14 Mar 2025


  5. CVE-2025-1767 - Another gitrepo issue https://t.co/oPvNSSgys7

    @Dinosn

    14 Mar 2025


  6. 🚨 CVE-2024-9042 🟠 MEDIUM (5.9) 🏢 Kubernetes - Kubelet 🏗️ <=v1.29.12 🔗 https://t.co/s8rb7blQx2 🔗 https://t.co/RWSAxwkpRO 🚨 CVE-2025-1767 🟠 MEDIUM (6.5) 🏢 Kubernetes - Kubelet 🏗️ <=v1.32.2 🔗 https://t.co/fdCJdY5xAl 🔗 https://t.co/pmz96tY8ia https://t.co/FCNJ8rT55

    @gothburz

    14 Mar 2025


  7. CVE-2025-1767 This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitR… https://t.co/4GKXLMDwSP

    @CVEnew

    13 Mar 2025
