CVE-2021-25735 log

Severity Medium
Remote Yes
Type Authentication bypass
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. You are only affected by this vulnerability if you run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. The issue is fixed in kube-apiserver version 1.21.0, 1.20.6, 1.19.10 and 1.18.18.
Group Package Affected Fixed Severity Status Ticket
AVG-1825 kube-apiserver 1.20.5-1 1.21.0-1 Medium Fixed