EUVD-2021-2095

Malware in sbrugna...

GHSA-MFV7-GQ43-W965 Incomplete List of Disallowed Inputs in Kubernetes

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

DEBIAN-CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

Design/Logic Flaw

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

CVE-2021-25737

CVE-2021-25737 describes a Kubernetes EndpointSlice validation flaw enabling host-network hijacking. A remote authenticated attacker could redirect pod traffic to private networks on a Node and potentially access sensitive information. Root cause: holes in EndpointSlice validation that allowed un...