https://blog.qife122.com/tags/portworx/ Recent content in Portworx on 办公AI智能小助手 Hugo zh-cn qife Mon, 12 Jan 2026 02:36:52 +0800 https://blog.qife122.com/p/kubernetes-kube-controller-manager-%E5%8D%8A%E7%9B%B2ssrf%E6%BC%8F%E6%B4%9E%E5%89%96%E6%9E%90%E4%B8%8E%E4%BF%AE%E5%A4%8D%E6%8C%87%E5%8D%97/ Mon, 12 Jan 2026 02:36:52 +0800 https://blog.qife122.com/p/kubernetes-kube-controller-manager-%E5%8D%8A%E7%9B%B2ssrf%E6%BC%8F%E6%B4%9E%E5%89%96%E6%9E%90%E4%B8%8E%E4%BF%AE%E5%A4%8D%E6%8C%87%E5%8D%97/ <h1 id="cve-2025-13281-portworx半盲ssrf漏洞分析">CVE-2025-13281: Portworx半盲SSRF漏洞分析</h1> <h2 id="漏洞概述">漏洞概述</h2> <p>CVE-2025-13281是一个存在于kube-controller-manager中的半盲服务器端请求伪造（SSRF）漏洞，当使用内置的Portworx StorageClass时触发。该漏洞曾针对其他内置StorageClass（GlusterFS、Quobyte、StorageOS和ScaleIO）在CVE-2020-8555中进行了修补。</p>