Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-35c7-w35f-xwgh

GitHub Security Advisory

Kube-proxy may unintentionally forward traffic

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters
where the LoadBalancer controller sets the `status.loadBalancer.ingress[].ip` field are unaffected.

Affected Packages

Go k8s.io/kubernetes
Affected versions: 0 (fixed in 1.21)

Related CVEs

CVE-2021-25736

Key Information

GHSA ID
GHSA-35c7-w35f-xwgh
Published
October 30, 2023 3:30 AM
Last Modified
February 13, 2025 7:20 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
k8s.io/kubernetes
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.