You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Per CVE-2021-25740, it is possible for ExternalName services to target services living in other namespaces. This is a consequence of the Kubernetes design.
It might be desirable to allow users to disable support for Externalname services to make cross-namespace traffic more difficult in scenarios where it is not desirable. Whether this should be considered a security issue is under debate.
The text was updated successfully, but these errors were encountered:
Problem Statement
Per CVE-2021-25740, it is possible for ExternalName services to target services living in other namespaces. This is a consequence of the Kubernetes design.
It might be desirable to allow users to disable support for Externalname services to make cross-namespace traffic more difficult in scenarios where it is not desirable. Whether this should be considered a security issue is under debate.
The text was updated successfully, but these errors were encountered: