CPU not limited
| Property | |
|---|---|
| Language |  |
| Severity |  |
Description#
The container configuration does not specify a CPU limit, allowing it to consume unlimited CPU resources on the host. Without this restriction, workloads can monopolize system resources uncontrollably.
Impact#
If exploited, a container could consume excessive CPU, leading to resource exhaustion that may degrade or disrupt other services on the same host. This increases the risk of denial-of-service (DoS) attacks and can destabilize the entire Kubernetes cluster.
Resolution#
Set a limit value under ‘containers[].resources.limits.cpu’.