- [Node Binaries](#node-binaries)
    - [Container Images](#container-images)
  - [Changelog since v1.21.13](#changelog-since-v12113)
  - [Dependencies](#dependencies)
    - [Added](#added)
    - [Changed](#changed)
    - [Removed](#removed)
- [v1.21.13](#v12113)
  - [Downloads for v1.21.13](#downloads-for-v12113)
    - [Source Code](#source-code-1)
    - [Client Binaries](#client-binaries-1)

  - kubelet <= v1.27.4
  - kubelet <= v1.26.7
  - kubelet <= v1.25.12
  - kubelet <= v1.24.16

**Fixed Versions**:
  - kubelet v1.28.1
  - kubelet v1.27.5
  - kubelet v1.26.8
  - kubelet v1.25.13
  - kubelet v1.24.17

This vulnerability was discovered by James Sturtevant @jsturtevant and Mark Rossetti @marosset during the process of fixing CVE-2023-3676 (that original CVE was reported by Tomer Peled @tomerpeled92)

pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_WELLFLEET = 33027
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_WELLFLEET ideal-int
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_X25 = 2053
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_X25 ideal-int
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_X75 = 2049
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_X75 ideal-int

  - kubelet <= v1.27.4
  - kubelet <= v1.26.7
  - kubelet <= v1.25.12
  - kubelet <= v1.24.16

**Fixed Versions**:
  - kubelet v1.28.1
  - kubelet v1.27.5
  - kubelet v1.26.8
  - kubelet v1.25.13
  - kubelet v1.24.17

This vulnerability was discovered by James Sturtevant @jsturtevant and Mark Rossetti @marosset during the process of fixing CVE-2023-3676 (that original CVE was reported by Tomer Peled @tomerpeled92)

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3
  - kube-apiserver v1.24.0 - v1.24.7
  - kube-apiserver v1.23.0 - v1.23.13
  - kube-apiserver v1.22.0 - v1.22.15
  - kube-apiserver <= v1.21.?

**Fixed Versions**:
  - kube-apiserver v1.25.4