CVE-2021-25737
go/k8s.io/kubernetes/pkg/apis/apps/validation
URL Redirection to Untrusted Site (Open Redirect)
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
All versions starting from 1.16.0 before 1.18.19, all versions starting from 1.19.0 before 1.19.10, all versions starting from 1.20.0 before 1.20.7, all versions starting from version 1.21.0 before 1.21.1
Upgrade to version 1.18.19, 1.19.10, 1.20.7, 1.21.1 or above.
2021-09-17
source |