CVE-2021-25735

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-25735

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25735.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-25735

Aliases

Related

Published

2021-09-06T12:15:07Z

Modified

2024-09-18T01:00:21Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.

References

Affected packages

Debian:11 / kubernetes

Package

Name: kubernetes
Purl: pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.5+really1.20.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / kubernetes

Package

Name: kubernetes
Purl: pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.5+really1.20.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / kubernetes

Package

Name: kubernetes
Purl: pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.5+really1.20.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/kubernetes/kubelet

Affected ranges

Type: GIT
Repo: https://github.com/kubernetes/kubelet
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

91407aecd4edbe8888bb4648ee46e8dae792a20d