Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Kubernetes (CVE-2021-25737)

Summary Security Vulnerabilities affect IBM Cloud Private - Kubernetes Vulnerability Details CVEID: CVE-2021-25737 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a host network hijacking flaw due to holes in EndpointSlice validation...

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2021-25737)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that could allow a user to redirect pod traffic to private networks on a node CVE-2021-25737. Vulnerability Details CVEID: CVE-2021-25737 Description: Kubernetes could allow a remote...

OESA-2021-1373 kubernetes security update

Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not...