Monday, August 2, 2021

Red Hat OpenShift: CVE-2021-25735: kubernetes: Validating Admission Webhook does not observe some previous fields

A vulnerability was found in Kubernetes' kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks.
  • linuxrpm-upgrade-openshift

  • References
  • CVE - 2021-25735
  • RHSA-2021:2437


    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated