A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: kubernetes
Published: 2021-09-06T11:32:01.989085Z
Updated: 2024-09-16T21:04:34.209Z
Reserved: 2021-01-21T00:00:00
Link: CVE-2021-25737
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-06T12:15:07.673
Modified: 2024-11-21T05:55:19.310
Link: CVE-2021-25737
Redhat