- [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)
    - [Am I vulnerable?](#am-i-vulnerable)
      - [Affected Versions](#affected-versions)
    - [How do I mitigate this vulnerability?](#how-do-i-mitigate-this-vulnerability)
      - [Fixed Versions](#fixed-versions)
    - [Detection](#detection)

    <glob pattern="NOTICE"/>
    <glob pattern="README"/>
    <glob pattern="abs-linkmap"/>
    <glob pattern="abs-menulinks"/>
    <glob pattern="*.aart"/>
    <glob pattern="*.ac"/>
    <glob pattern="*.am"/>
    <glob pattern="*.apt"/>
    <glob pattern="*.bsh"/>
    <glob pattern="*.classpath"/>
    <glob pattern="*.cnd"/>
    <glob pattern="*.cwiki"/>
    <glob pattern="*.data"/>

This issue has been rated low and assigned CVE-2021-25749

**Am I vulnerable?**

All Kubernetes clusters with following versions, running Windows workloads with `runAsNonRoot` are impacted

**Affected Versions**:

- kubelet v1.20 - v1.21
- kubelet v1.22.0 - v1.22.13

conditions of the following licenses.

--------------------------------------------------
Portions of the following files are licensed under the MIT License:

  lib/erl/src/Makefile.am

Please see doc/otp-base-license.txt for the full terms of this license.

--------------------------------------------------
For the aclocal/ax_boost_base.m4 and contrib/fb303/aclocal/ax_boost_base.m4 components: