VDB
GO-2022-0907
GO-2022-0907
PUBLISHED
Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| k8s.io | kubernetes | 0, 1.19.0, 1.20.0 |
Timeline
- Aug 21, 2024 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/advisories/GHSA-g42g-737j-qx6j advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1937562 url
- https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90 url
- https://github.com/kubernetes/kubernetes/issues/100096 url
- https://github.com/kubernetes/kubernetes/pull/99946 url
- https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y url
- https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver url
- https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass url