# NodePort Service Exposes Application

- ID: kubernetes-nodeport-service
- Severity: MEDIUM
- CWE: CWE-668 (CWE-668)
- Languages: YAML
- Frameworks: kubernetes

## Description

Detects services using NodePort type which exposes the application on all cluster nodes.

## Detection Message

Service uses NodePort type which exposes the application on all cluster nodes.

## Remediation

Use ClusterIP with Ingress or LoadBalancer instead.

```yaml
spec:
  type: ClusterIP
```

Learn more: https://shoulder.dev/learn/kubernetes/cwe-668/nodeport-service

## Documentation

[object Object]

## Related Rules

- **HostPath Volume Mounted** [CRITICAL]: 
- **TypeScript Access Modifier Bypass** [HIGH]: