Some Kubernetes CVEs don't appear on the official feed

[raesene]

Looking at the official CVE feed here there's a couple of CVEs that don't appear to be present.

• CVE-2020-8561
• CVE-2020-8562
• CVE-2021-25740

On a quick note related to these issues and also CVE-2020-8554, AFAIK all 4 of them have no patch so should be marked as present in every k8s version since their discovery.

cc @tabbysable just the follow-up from our chat at SIG-Security.

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[tabbysable]

/remove-lifecycle stale