GHSA-8gwj-m6vh-2g6j

GitHub Security Advisory

kOps privilege escalation vulnerability

✓ GitHub Reviewed HIGH Has CVE

Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode.

Go k8s.io/kops

Affected versions: 0 (fixed in 1.25.4)

Go k8s.io/kops

Affected versions: 1.26.0 (fixed in 1.26.2)

CVE-2023-1943

GHSA ID

GHSA-8gwj-m6vh-2g6j

Published

October 12, 2023 12:30 AM

Last Modified

October 18, 2023 6:29 PM

CVSS Score

7.5 /10

Primary Ecosystem

Primary Package

k8s.io/kops

GitHub Reviewed

✓ Yes

Last updated: November 25, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.