CVE-2021-25736

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-25736

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25736.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-25736

Aliases

Downstream

openSUSE-SU-2025:15424-1

Related

Published

2023-10-30T03:15:07.653Z

Modified

2026-04-12T00:08:57.592330Z

Severity

6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the LoadBalancer controller sets the “status.loadBalancer.ingress[].ip” field are unaffected.

References

Affected packages

Git / github.com/kubernetes/kubernetes

Affected ranges

Type

GIT

Repo

https://github.com/kubernetes/kubernetes

Events

Introduced

9e991415386e4cf155a24b1da15becaa390438d8

Fixed

6f6ce59dc8fefde25a3ba0ef0047f4ec6662ef24

Introduced

e19964183377d0ec2052d1f1fa930c4d7575bd50

Fixed

98d5dc5d36d34a7ee13368a7893dcb400ec4e566

Introduced

af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38

Fixed

8a62859e515889f07e3e3be6a1080413f17cf2c3

Database specific

{
    "cpe": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.18.0"
        },
        {
            "fixed": "1.18.18"
        },
        {
            "introduced": "1.19.0"
        },
        {
            "fixed": "1.19.10"
        },
        {
            "introduced": "1.20.0"
        },
        {
            "fixed": "1.20.6"
        }
    ],
    "source": "CPE_FIELD"
}

Affected versions

v1.*

v1.18.0

v1.18.1

v1.18.1-beta.0

v1.18.10

v1.18.10-rc.0

v1.18.11-rc.0

v1.18.12

v1.18.12-rc.1

v1.18.13

v1.18.13-rc.0

v1.18.14

v1.18.14-rc.0

v1.18.14-rc.1

v1.18.15

v1.18.15-rc.0

v1.18.16

v1.18.16-rc.0

v1.18.17

v1.18.17-rc.0

v1.18.18-rc.0

v1.18.2

v1.18.2-beta.0

v1.18.3

v1.18.3-beta.0

v1.18.4

v1.18.4-rc.0

v1.18.5

v1.18.5-rc.0

v1.18.5-rc.1

v1.18.6

v1.18.6-rc.0

v1.18.7-rc.0

v1.18.8

v1.18.8-rc.1

v1.18.9

v1.18.9-rc.0

v1.19.0

v1.19.1

v1.19.1-rc.0

v1.19.10-rc.0

v1.19.2

v1.19.2-rc.0

v1.19.3

v1.19.3-rc.0

v1.19.4

v1.19.4-rc.0

v1.19.5

v1.19.5-rc.0

v1.19.6

v1.19.6-rc.0

v1.19.6-rc.1

v1.19.7

v1.19.7-rc.0

v1.19.8

v1.19.8-rc.0

v1.19.9

v1.19.9-rc.0

v1.20.0

v1.20.1

v1.20.1-rc.0

v1.20.1-rc.1

v1.20.2

v1.20.2-rc.0

v1.20.3

v1.20.3-rc.0

v1.20.4

v1.20.4-rc.0

v1.20.5

v1.20.5-rc.0

v1.20.6-rc.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25736.json"