{"id":"GO-2025-3774","summary":"Kubernetes allows nodes to bypass dynamic resource allocation authorization checks in k8s.io/kubernetes","details":"Kubernetes allows nodes to bypass dynamic resource allocation authorization checks in k8s.io/kubernetes","aliases":["CVE-2025-4563","GHSA-hj2p-8wj8-pfq4"],"modified":"2026-02-04T02:37:40.807397Z","published":"2025-07-28T19:57:13Z","related":["CGA-hv4c-jfm9-gqhv"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2025-3774"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-hj2p-8wj8-pfq4"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/issues/132151"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/131844"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/131875"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/131876"},{"type":"WEB","url":"https://groups.google.com/g/kubernetes-security-announce/c/Zv84LMRuvMQ"}],"affected":[{"package":{"name":"k8s.io/kubernetes","ecosystem":"Go","purl":"pkg:golang/k8s.io/kubernetes"},"ranges":[{"type":"SEMVER","events":[{"introduced":"1.32.0"},{"fixed":"1.32.6"},{"introduced":"1.33.0"},{"fixed":"1.33.2"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3774.json"}}],"schema_version":"1.7.3"}