CVE-2021-25735
go/github.com/kubernetes/kubelet
Incorrect Authorization
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook.Validating Admission Webhook does not observe some previous fields.
All versions before 1.18.18, all versions starting from 1.19.0 before 1.19.10, all versions starting from 1.20.0 before 1.20.6
Upgrade to version 1.18.18, 1.19.10, 1.20.6, or above.
2021-09-17
source |