VYPR
Moderate severityNVD Advisory· Published Sep 6, 2021· Updated Sep 16, 2024

Validating Admission Webhook does not observe some previous fields

CVE-2021-25735

Description

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
k8s.io/kubernetesGo
>= 1.20.0, < 1.20.61.20.6
k8s.io/kubernetesGo
>= 1.19.0, < 1.19.101.19.10
k8s.io/kubernetesGo
< 1.18.181.18.18

Affected products

28

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.