Go/github.com/k3s-io/k3s — 3 CVEs

HIGH7.5CVE-2023-32187K3s apiserver port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack

from 0, < 1.24.17

MEDIUM6.8CVE-2025-46599CNCF K3s Kubernetes kubelet configuration exposes credentials in github.com/k3s-io/k3s

>= 1.32.0-rc1, < 1.32.4-rc1

MEDIUM6.8CVE-2025-46599CNCF K3s Kubernetes kubelet configuration exposes credentials in github.com/k3s-io/k3s

from 0

pkg:Go/github.com/k3s-io/k3s