GHSA-35c7-w35f-xwgh
Suggest an improvement- Source
- https://github.com/advisories/GHSA-35c7-w35f-xwgh
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-35c7-w35f-xwgh/GHSA-35c7-w35f-xwgh.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-35c7-w35f-xwgh
- Aliases
- Related
- Published
- 2023-10-30T03:30:15Z
- Modified
- 2025-02-13T19:20:48Z
- Severity
-
- 5.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
- Summary
- Kube-proxy may unintentionally forward traffic
- Details
-
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (
spec.ports[*].port) as a LoadBalancer Service when the LoadBalancer controller does not set thestatus.loadBalancer.ingress[].ipfield. Clusters where the LoadBalancer controller sets thestatus.loadBalancer.ingress[].ipfield are unaffected. - Database specific
{ "nvd_published_at": "2023-10-30T03:15:07Z", "github_reviewed_at": "2023-10-31T22:23:04Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-25736
- https://github.com/kubernetes/kubernetes/pull/99958
- https://github.com/kubernetes/kubernetes/commit/b014610de3e5cf1bb0f7844b5758d29fc18b75e6
- https://github.com/kubernetes/kubernetes
- https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ
- https://security.netapp.com/advisory/ntap-20231221-0003
Affected packages
Go / k8s.io/kubernetes
Package
- Name
- k8s.io/kubernetes
- View open source insights on deps.dev
- Purl
- pkg:golang/k8s.io/kubernetes