CVE-2021-25735

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-372
View all →

Vulnerability Description

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.

Related Vulnerabilities

CVE-2023-36834

MEDIUM
CVSS:6.5(Medium)

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial ...

CWE-3722023

CVE-2020-27222

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong intern...

CWE-3722020

CVE-2023-4012

HIGH
CVSS:7.5(High)

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

CWE-3722023

CVE-2024-22590

CRITICAL
CVSS:9.1(Critical)

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connectio...

CWE-3722024

CVE-2020-27222

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong intern...

CWE-3722020

CVE-2023-4012

HIGH
CVSS:7.5(High)

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

CWE-3722023