github.com/k3s-io/k3s

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/k3s-io/k3spage 1 of 1

CVE-2023-32187HIGHCVSS 7.5EG 7.5✓ Fixed in 1.28.1
2023-09-18
An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.…
CVE-2025-46599MEDIUMCVSS 6.8EG 6.8
2025-04-25
CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might…

Check whether github.com/k3s-io/k3s is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/k3s-io/k3s CVEs against the assets you own.

Start Free Scan →