Home > Vulnerability Database > CVE-2024-7598

Mend.io Vulnerability Database

CVE-2024-7598

Date: March 20, 2025

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced.

Severity Score

3.1

Related Resources (7)

Url: https://github.com/kubernetes/kubernetes

Url: http://www.openwall.com/lists/oss-security/2025/03/20/2

Url: https://github.com/advisories/GHSA-r56h-j38w-hrqq

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-7598

Url: https://groups.google.com/g/kubernetes-security-announce/c/67D7UFqiPRc

Url: https://github.com/kubernetes/kubernetes/issues/126587

Url: https://www.mend.io/vulnerability-database/CVE-2024-7598

Severity Score

3.1

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-7598

Date: March 20, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?