**Affected Versions**:
  - kube-apiserver v1.31.0 - v1.31.11
  - kube-apiserver v1.32.0 - v1.32.7
  - kube-apiserver v1.33.0 - v1.33.3

**Fixed Versions**:
  - kube-apiserver v1.31.12
  - kube-apiserver v1.32.8
  - kube-apiserver v1.33.4

This vulnerability was reported by Paul Viossat.

**Affected Versions**:
  - kube-apiserver v1.27.0 - v1.27.2
  - kube-apiserver v1.26.0 - v1.26.5
  - kube-apiserver v1.25.0 - v1.25.10
  - kube-apiserver <= v1.24.14

**Fixed Versions**:
  - kube-apiserver v1.27.3
  - kube-apiserver v1.26.6
  - kube-apiserver v1.25.11
  - kube-apiserver v1.24.15

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3
  - kube-apiserver v1.24.0 - v1.24.7
  - kube-apiserver v1.23.0 - v1.23.13
  - kube-apiserver v1.22.0 - v1.22.15
  - kube-apiserver <= v1.21.?

**Fixed Versions**:
  - kube-apiserver v1.25.4
  - kube-apiserver v1.24.8
  - kube-apiserver v1.23.14
  - kube-apiserver v1.22.16

  - [Changelog since v1.15.6](#changelog-since-v1156)
    - [Other notable changes](#other-notable-changes-1)
- [v1.15.6](#v1156)
  - [Downloads for v1.15.6](#downloads-for-v1156)
    - [Client Binaries](#client-binaries-6)
    - [Server Binaries](#server-binaries-6)
    - [Node Binaries](#node-binaries-6)
  - [Changelog since v1.15.5](#changelog-since-v1155)
    - [Other notable changes](#other-notable-changes-2)
- [v1.15.5](#v1155)

**Affected Versions**:
  - kube-apiserver v1.31.0 - v1.31.11
  - kube-apiserver v1.32.0 - v1.32.7
  - kube-apiserver v1.33.0 - v1.33.3

**Fixed Versions**:
  - kube-apiserver v1.31.12
  - kube-apiserver v1.32.8
  - kube-apiserver v1.33.4

This vulnerability was reported by Paul Viossat.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3
  - kube-apiserver v1.24.0 - v1.24.7
  - kube-apiserver v1.23.0 - v1.23.13
  - kube-apiserver v1.22.0 - v1.22.15
  - kube-apiserver <= v1.21.?

**Fixed Versions**:
  - kube-apiserver v1.25.4
  - kube-apiserver v1.24.8
  - kube-apiserver v1.23.14
  - kube-apiserver v1.22.16

  - [Changelog since v1.17.1](#changelog-since-v1171)
- [v1.17.1](#v1171)
  - [Downloads for v1.17.1](#downloads-for-v1171)
    - [Client Binaries](#client-binaries-16)
    - [Server Binaries](#server-binaries-16)
    - [Node Binaries](#node-binaries-16)
  - [Changelog since v1.17.0](#changelog-since-v1170)
    - [Other notable changes](#other-notable-changes)
- [v1.17.0](#v1170)

<!-- BEGIN MUNGE: GENERATED_TOC -->
- [v1.11.10](#v11110)
  - [Downloads for v1.11.10](#downloads-for-v11110)
    - [Client Binaries](#client-binaries)
    - [Server Binaries](#server-binaries)
    - [Node Binaries](#node-binaries)
  - [Changelog since v1.11.9](#changelog-since-v1119)
    - [Other notable changes](#other-notable-changes)
- [v1.11.9](#v1119)
  - [Downloads for v1.11.9](#downloads-for-v1119)
    - [Client Binaries](#client-binaries-1)

that could allow a user with the ability to query a node's '/logs' endpoint
to execute arbitrary commands on the host.

**Affected Versions**:
  - kubelet <= v1.29.12
  - kubelet <= v1.30.8
  - kubelet <= v1.31.4
  - kubelet = v1.32.0

**Fixed Versions**:
  - kubelet 1.29.13
  - kubelet 1.30.9
  - kubelet 1.31.5
  - kubelet 1.32.1

        v1 = graph.addVertex(new ArtifactMetadata("g", "a1", "1.0"));
        graph.setEntry(v1);
        v2 = graph.addVertex(new ArtifactMetadata("g", "a2", "1.0"));
        v3 = graph.addVertex(new ArtifactMetadata("g", "a3", "1.0"));
        v4 = graph.addVertex(new ArtifactMetadata("g", "a4", "1.0"));

        // v1-->v2
        graph.addEdge(v1, v2, new MetadataGraphEdge("1.1", true, null, null, 2, 1));