5 matches found
CVE-2026-53935
Summary: CVE-2026-53935 affects Cilium versions prior to 1.17.16, 1.18.2–1.18.9, and 1.19.0–1.19.3. An attacker who can create a CiliumLocalRedirectPolicy may specify arbitrary ClusterIPs via addressMatcher, enabling cross-namespace traffic hijacking to Services and bypassing serviceMatcher names...
CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Impact Users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, which enables hijacking traffic to Services in any namespace, bypassing the namespace-scoping guarantees enforced by serviceMatcher. In addition, deleting such a policy can...
PT-2026-56056
Name of the Vulnerable Software and Affected Versions Cilium versions 1.19.0 through 1.19.3 Cilium versions 1.18.2 through 1.18.9 Cilium versions prior to 1.17.16 Description Users capable of creating CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs using the addressMatcher parameter...
doc-redaction (>=2.2.0 <=2.3.0), f5-tts (=1.1.20) +8 more potentially affected by CVE-2026-10783 via gradio (>=6.0.0 <=6.11.0)
gradio PYPI version =6.0.0, =2.2.0, =2.1.1, =0.0.1, =1.14.0, =2.10.0 Source cves: CVE-2026-10783 Source advisory: SNYK:PYTHON-GRADIO-17146861...
doc-redaction (>=2.2.0 <=2.3.0), f5-tts (=1.1.20) +8 more potentially affected by CVE-2026-48545 via gradio (>=6.0.0 <=6.11.0)
gradio PYPI version =6.0.0, =2.2.0, =2.1.1, =0.0.1, =1.14.0, =2.10.0 Source cves: CVE-2026-48545 Source advisory: SNYK:PYTHON-GRADIO-16960000...