CVE-2021-25735 - log

CVE-2021-25735 edited at 14 Apr 2021 20:13:14
Description
- A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook.
+ A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. You are only affected by this vulnerability if you run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. The issue is fixed in kube-apiserver version 1.21.0, 1.20.6, 1.19.10 and 1.18.18.
References
https://github.com/kubernetes/kubernetes/issues/100096
+ https://github.com/kubernetes/kubernetes/pull/99946
+ https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90
CVE-2021-25735 edited at 14 Apr 2021 17:39:10
Remote
- Unknown
+ Remote
CVE-2021-25735 edited at 14 Apr 2021 16:24:10
Description
+ A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook.
- A security issue was discovered in kube-apiserver that could allow node
- updates to bypass a Validating Admission Webhook. You are only affected by
- this vulnerability if you run a Validating Admission Webhook for Nodes that
- denies admission based at least partially on the old state of the Node
- object.
CVE-2021-25735 created at 14 Apr 2021 16:19:55
Severity
+ Medium
Remote
+ Unknown
Type
+ Authentication bypass
Description
+ A security issue was discovered in kube-apiserver that could allow node
+ updates to bypass a Validating Admission Webhook. You are only affected by
+ this vulnerability if you run a Validating Admission Webhook for Nodes that
+ denies admission based at least partially on the old state of the Node
+ object.
References
+ https://github.com/kubernetes/kubernetes/issues/100096
Notes