CVE-2021-25735 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Authentication bypass |
Description | A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. You are only affected by this vulnerability if you run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. The issue is fixed in kube-apiserver version 1.21.0, 1.20.6, 1.19.10 and 1.18.18. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1825 | kube-apiserver | 1.20.5-1 | 1.21.0-1 | Medium | Fixed |