Unknown · Kubernetes · CVE-2021-25741
**Name of the Vulnerable Software and Affected Versions**
Kubernetes (affected versions not specified)
**Description**
A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. The issue is related to insufficient access control and can be exploited by a remote attacker to bypass security restrictions. The problem is caused by a race condition that allows an attacker to create a symbolic link, giving access from the container to the root of the operating system.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.