UBUNTU-CVE-2021-25735

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2021-25735
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-25735.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-25735
Upstream
Published
2021-09-06T12:15:00Z
Modified
2025-07-14T06:45:33.943388Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • - medium
Summary
[none]
Details

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.

References

Affected packages

Ubuntu:Pro:20.04:LTS / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/ubuntu/kubernetes@1.0?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0

Ubuntu:22.04:LTS / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/ubuntu/kubernetes@1.0?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0

Ubuntu:24.04:LTS / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/ubuntu/kubernetes@1.0?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0