A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: kubernetes

Published: 2021-09-06T11:32:01.989085Z

Updated: 2024-09-16T21:04:34.209Z

Reserved: 2021-01-21T00:00:00

Link: CVE-2021-25737

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-06T12:15:07.673

Modified: 2024-11-21T05:55:19.310

Link: CVE-2021-25737

cve-icon Redhat

Severity : Low

Publid Date: 2021-05-18T00:00:00Z

Links: CVE-2021-25737 - Bugzilla