**Fixed Versions**:
  - kube-apiserver v1.21.0
  - kube-apiserver v1.20.6
  - kube-apiserver v1.19.10
  - kube-apiserver v1.18.18

This vulnerability was reported by Rogerio Bastos & Ari Lima from RedHat


**CVSS Rating:** Medium (6.5) [CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H](https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)

## Changes by Kind

FabríCio Ceschin, @fp, @Ghedeon, @guschmue, Gökçen Eraslan, Haosdent Huang,
Haroen Viaene, Harold Cooper, Henrik Holst, @hoangmit, Ivan Ukhov, Javier
Dehesa, Jingtian Peng, Jithin Odattu, Joan Pastor, Johan Mathe, Johannes Mayer,
Jongwook Choi, Justus Schwabedal, Kai Wolf, Kamil Hryniewicz, Kamran Amini,
Karen Brems, Karl Lattimer, @kborer, Ken Shirriff, Kevin Rose, Larissa Laich,

uint { // Every iteration of this loop doubles the least-significant bits of // correct inverse in y. The first three bits are already correct (1⁻¹ = 1, // 3⁻¹ = 3, 5⁻¹ = 5, and 7⁻¹ = 7 mod 8), so doubling five times is enough // for 64 bits (and wastes only one iteration for 32 bits). // // See https://crypto.stackexchange.com/a/47496. y := x for i := 0; i < 5; i++ { y = y * (2 - x*y) } return -y } // NewModulus creates a new Modulus from a slice of big-endian bytes. The // modulus must be greater...

uint { // Every iteration of this loop doubles the least-significant bits of // correct inverse in y. The first three bits are already correct (1⁻¹ = 1, // 3⁻¹ = 3, 5⁻¹ = 5, and 7⁻¹ = 7 mod 8), so doubling five times is enough // for 64 bits (and wastes only one iteration for 32 bits). // // See https://crypto.stackexchange.com/a/47496. y := x for i := 0; i < 5; i++ { y = y * (2 - x*y) } return -y } // NewModulus creates a new Modulus from a slice of big-endian bytes. The // modulus must be greater...