July 29, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass

This blog was originally published by Sysdig hereWritten by Stefano Chierici, SysdigThe CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates.The kube-apiserver affected are:kube-apiserver v1.20.0 to v1.20.5kube-apiserver v1.19.0 to v1.19.9kube-apiserver <= v1.18.17You are only affected by this vulnerability if both of the following conditions are valid:You are using Validat…