{"id":"CVE-2021-25737","details":"A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.","aliases":["GHSA-mfv7-gq43-w965","GO-2022-0908"],"modified":"2026-04-10T04:31:07.235916Z","published":"2021-09-06T12:15:07.673Z","related":["openSUSE-SU-2025:15424-1"],"references":[{"type":"ADVISORY","url":"https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20211004-0004/"},{"type":"FIX","url":"https://github.com/kubernetes/kubernetes/issues/102106"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77"},{"fixed":"ac0cc736d0018d817c763083945e4db863168d12"},{"introduced":"e19964183377d0ec2052d1f1fa930c4d7575bd50"},{"fixed":"98d5dc5d36d34a7ee13368a7893dcb400ec4e566"},{"introduced":"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38"},{"fixed":"132a687512d7fb058d0f5890f07d4121b3f0a2e2"},{"introduced":"0"},{"last_affected":"cb303e613a121a29364f75cc67d3d580833a7479"}],"database_specific":{"versions":[{"introduced":"1.16.0"},{"fixed":"1.18.19"},{"introduced":"1.19.0"},{"fixed":"1.19.10"},{"introduced":"1.20.0"},{"fixed":"1.20.7"},{"introduced":"0"},{"last_affected":"1.21.0-NA"}]}}],"versions":["v0.13.1-dev","v0.17.0","v1.1.0-alpha.0","v1.1.0-alpha.1","v1.10.0-alpha.0","v1.10.0-alpha.1","v1.10.0-alpha.2","v1.10.0-alpha.3","v1.11.0-alpha.0","v1.11.0-alpha.1","v1.11.0-alpha.2","v1.12.0-alpha.0","v1.12.0-alpha.1","v1.13.0-alpha.0","v1.13.0-alpha.1","v1.13.0-alpha.2","v1.13.0-alpha.3","v1.14.0-alpha.0","v1.14.0-alpha.1","v1.14.0-alpha.2","v1.14.0-alpha.3","v1.15.0-alpha.0","v1.15.0-alpha.1","v1.15.0-alpha.2","v1.15.0-alpha.3","v1.16.0-alpha.0","v1.16.0-alpha.1","v1.16.0-alpha.2","v1.16.0-alpha.3","v1.17.0-alpha.0","v1.17.0-alpha.1","v1.17.0-alpha.2","v1.17.0-alpha.3","v1.18.0","v1.18.0-alpha.0","v1.18.0-alpha.1","v1.18.0-alpha.2","v1.18.0-alpha.4","v1.18.0-alpha.5","v1.18.0-beta.0","v1.18.0-beta.1","v1.18.0-beta.2","v1.18.0-rc.1","v1.18.1","v1.18.1-beta.0","v1.18.10","v1.18.10-rc.0","v1.18.11-rc.0","v1.18.12","v1.18.12-rc.1","v1.18.13","v1.18.13-rc.0","v1.18.14","v1.18.14-rc.0","v1.18.14-rc.1","v1.18.15","v1.18.15-rc.0","v1.18.16","v1.18.16-rc.0","v1.18.17","v1.18.17-rc.0","v1.18.18","v1.18.18-rc.0","v1.18.19-rc.0","v1.18.2","v1.18.2-beta.0","v1.18.3","v1.18.3-beta.0","v1.18.4","v1.18.4-rc.0","v1.18.5","v1.18.5-rc.0","v1.18.5-rc.1","v1.18.6","v1.18.6-rc.0","v1.18.7-rc.0","v1.18.8","v1.18.8-rc.1","v1.18.9","v1.18.9-rc.0","v1.19.0","v1.19.0-alpha.0","v1.19.0-alpha.1","v1.19.0-alpha.2","v1.19.0-alpha.3","v1.19.0-beta.0","v1.19.0-beta.1","v1.19.0-beta.2","v1.19.1","v1.19.1-rc.0","v1.19.10-rc.0","v1.19.2","v1.19.2-rc.0","v1.19.3","v1.19.3-rc.0","v1.19.4","v1.19.4-rc.0","v1.19.5","v1.19.5-rc.0","v1.19.6","v1.19.6-rc.0","v1.19.6-rc.1","v1.19.7","v1.19.7-rc.0","v1.19.8","v1.19.8-rc.0","v1.19.9","v1.19.9-rc.0","v1.2.0-alpha.1","v1.2.0-alpha.2","v1.2.0-alpha.3","v1.2.0-alpha.4","v1.2.0-alpha.5","v1.2.0-alpha.6","v1.2.0-alpha.7","v1.2.0-alpha.8","v1.20.0","v1.20.0-alpha.0","v1.20.0-alpha.1","v1.20.0-alpha.2","v1.20.0-alpha.3","v1.20.0-beta.0","v1.20.0-beta.1","v1.20.0-beta.2","v1.20.1","v1.20.1-rc.0","v1.20.1-rc.1","v1.20.2","v1.20.2-rc.0","v1.20.3","v1.20.3-rc.0","v1.20.4","v1.20.4-rc.0","v1.20.5","v1.20.5-rc.0","v1.20.6","v1.20.6-rc.0","v1.20.7-rc.0","v1.21.0","v1.21.0-alpha.0","v1.21.0-alpha.1","v1.21.0-alpha.2","v1.21.0-alpha.3","v1.21.0-beta.0","v1.21.0-beta.1","v1.21.0-rc.0","v1.22.0-alpha.0","v1.3.0-alpha.0","v1.3.0-alpha.1","v1.3.0-alpha.2","v1.3.0-alpha.3","v1.3.0-alpha.4","v1.3.0-alpha.5","v1.4.0-alpha.1","v1.4.0-alpha.2","v1.4.0-alpha.3","v1.5.0-alpha.0","v1.5.0-alpha.1","v1.5.0-alpha.2","v1.6.0-alpha.0","v1.6.0-alpha.1","v1.6.0-alpha.2","v1.6.0-alpha.3","v1.7.0-alpha.0","v1.7.0-alpha.1","v1.7.0-alpha.2","v1.7.0-alpha.3","v1.7.0-alpha.4","v1.8.0-alpha.0","v1.8.0-alpha.1","v1.8.0-alpha.2","v1.8.0-alpha.3","v1.9.0-alpha.0","v1.9.0-alpha.1","v1.9.0-alpha.2","v1.9.0-alpha.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25737.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}