{"id":"GO-2022-0907","summary":"Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes","details":"Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes","aliases":["CVE-2021-25735","GHSA-g42g-737j-qx6j"],"modified":"2026-02-04T03:59:40.340851Z","published":"2024-08-21T15:29:08Z","related":["CGA-5rxh-9v6c-96vf"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-0907"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-g42g-737j-qx6j"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1937562"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/commit/00e81db174ef7aca497be5f42d87e46d14df2a90"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/issues/100096"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/pull/99946"},{"type":"WEB","url":"https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y"},{"type":"WEB","url":"https://pkg.go.dev/k8s.io/kubernetes@v1.23.5/cmd/kube-apiserver"},{"type":"WEB","url":"https://sysdig.com/blog/cve-2021-25735-kubernetes-admission-bypass"}],"affected":[{"package":{"name":"k8s.io/kubernetes","ecosystem":"Go","purl":"pkg:golang/k8s.io/kubernetes"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.18.18"},{"introduced":"1.19.0"},{"fixed":"1.19.10"},{"introduced":"1.20.0"},{"fixed":"1.20.6"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0907.json"}}],"schema_version":"1.7.3"}