A bug in the GKE gVisor sandbox's network policy implementation allowed access to the Google Compute Engine metadata API.
Wed, Dec 30th, 2020