CGA-3hx7-fq2f-xgf9

Published

Last updated

https://images.chainguard.dev/security/CGA-3hx7-fq2f-xgf9

Package

kubernetes-dns-node-cache-1.17

Latest Update

Not affected

Aliases

CVE-2021-25740
GHSA-vw47-mr44-3jf9

Severity

3.1

Low

CVSS V3

Summary

Confused Deputy in Kubernetes

Description

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

References

https://nvd.nist.gov/vuln/detail/CVE-2021-25740
https://github.com/advisories/GHSA-vw47-mr44-3jf9
https://github.com/kubernetes/kubernetes/issues/103675
https://github.com/kubernetes/kubernetes
https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE
https://security.netapp.com/advisory/ntap-20211014-0001

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-3hx7-fq2f-xgf9

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources