{"id":"CVE-2021-25737","details":"A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.","aliases":["GHSA-mfv7-gq43-w965","GO-2022-0908"],"modified":"2026-03-12T02:17:58.478559702Z","published":"2021-09-06T12:15:07.673Z","related":["openSUSE-SU-2025:15424-1"],"references":[{"type":"ADVISORY","url":"https://github.com/kubernetes/kubernetes/issues/102106"},{"type":"ADVISORY","url":"https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20211004-0004/"},{"type":"FIX","url":"https://github.com/kubernetes/kubernetes/issues/102106"},{"type":"ARTICLE","url":"https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77"},{"fixed":"ac0cc736d0018d817c763083945e4db863168d12"},{"introduced":"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38"},{"fixed":"132a687512d7fb058d0f5890f07d4121b3f0a2e2"},{"introduced":"e19964183377d0ec2052d1f1fa930c4d7575bd50"},{"fixed":"98d5dc5d36d34a7ee13368a7893dcb400ec4e566"}]}],"versions":["v1.19.0","v1.19.1","v1.19.1-rc.0","v1.19.10-rc.0","v1.19.2","v1.19.2-rc.0","v1.19.3","v1.19.3-rc.0","v1.19.4","v1.19.4-rc.0","v1.19.5","v1.19.5-rc.0","v1.19.6","v1.19.6-rc.0","v1.19.6-rc.1","v1.19.7","v1.19.7-rc.0","v1.19.8","v1.19.8-rc.0","v1.19.9","v1.19.9-rc.0","v1.20.0","v1.20.1","v1.20.1-rc.0","v1.20.1-rc.1","v1.20.2","v1.20.2-rc.0","v1.20.3","v1.20.3-rc.0","v1.20.4","v1.20.4-rc.0","v1.20.5","v1.20.5-rc.0","v1.20.6","v1.20.6-rc.0","v1.20.7-rc.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25737.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}