CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:1.21.0:-:*:*:*:*:*:*

Information

Published : 2021-09-06 05:15

Updated : 2021-10-07 10:55


NVD link : CVE-2021-25737

Mitre link : CVE-2021-25737


JSON object : View

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Advertisement

dedicated server usa

Products Affected

kubernetes

  • kubernetes