CVE-2021-25735 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Authentication bypass |
| Description | A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. You are only affected by this vulnerability if you run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. The issue is fixed in kube-apiserver version 1.21.0, 1.20.6, 1.19.10 and 1.18.18. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1825 | kube-apiserver | 1.20.5-1 | 1.21.0-1 | Medium | Fixed |