Public CVE-2016-1505 disclosure

The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.