github.com/kubernetes/kubernetes is vulnerable to Authentication Bypass. The vulnerability exists because of improper node address validation in the ResourceLocation function of strategy.go, allowing an attacker to bypass the proxy address validation and send malicious requests to the API server’s private network.
github.com/advisories/GHSA-jh36-q97c-9928
github.com/kubernetes/kubernetes/commit/327866049e485e3f62d7a7cb847e8b947002ebdf
github.com/kubernetes/kubernetes/commit/78d552efe620879599509ff0f9b04b8764e1878f
github.com/kubernetes/kubernetes/commit/bb7c395dd945766e9d573d4307338d7e61d03f1e
github.com/kubernetes/kubernetes/commit/f85027fcc12d02f79a0649115bdbaf7c9d8aab17
github.com/kubernetes/kubernetes/issues/113757
groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA
security.netapp.com/advisory/ntap-20230505-0007/